CVE-2016-9276 log

Source
Severity Medium
Remote No
Type Information disclosure
Description
An out of bounds heap read was found in dwarf_get_aranges_list in dwarf_arrange.c triggered by crafted input to dwarfdump utility.
Group Package Affected Fixed Severity Status Ticket
AVG-89 libdwarf 20161021-1 20161124-1 High Fixed
Date Advisory Group Package Severity Type
03 Dec 2016 ASA-201612-4 AVG-89 libdwarf High multiple issues
References
https://github.com/asarubbo/poc/blob/master/00026-libdwarf-heapoverflow-dwarf_get_aranges_list
https://github.com/asarubbo/poc/blob/master/00026-libdwarf-heapoverflow-dwarf_get_aranges_list