| CVE-2017-9998 |
AVG-332 |
Low |
No |
Denial of service |
The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows attackers to cause a denial of service (Segmentation fault) via... |
| CVE-2016-9558 |
AVG-89 |
Low |
No |
Denial of service |
A negation overflow vulnerability was found in dwarf_leb.c triggered by crafted input to dwarfdump utility. |
| CVE-2016-9480 |
AVG-89 |
Medium |
No |
Information disclosure |
libdwarf allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach,... |
| CVE-2016-9276 |
AVG-89 |
Medium |
No |
Information disclosure |
An out of bounds heap read was found in dwarf_get_aranges_list in dwarf_arrange.c triggered by crafted input to dwarfdump utility. |
| CVE-2016-9275 |
AVG-89 |
Medium |
No |
Information disclosure |
An out of bounds heap read was found in _dwarf_skim_forms in dwarf_macro5.c triggered by crafted input to dwarfdump utility. |
| CVE-2016-8681 |
AVG-89 |
Medium |
No |
Information disclosure |
An out of bounds heap read vulnerability was found in _dwarf_get_abbrev_for_code triggered by invoking dwarfdump command on crafted file. |
| CVE-2016-8680 |
AVG-89 |
Medium |
No |
Information disclosure |
An out of bounds heap read vulnerability was found in _dwarf_get_abbrev_for_code triggered by invoking dwarfdump command on crafted file. |
| CVE-2016-8679 |
AVG-89 |
Medium |
No |
Information disclosure |
An out of bounds heap read vulnerability was found in _dwarf_get_size_of_val triggered by invoking dwarfdump command on crafted file. |
| CVE-2016-7511 |
AVG-89 |
Low |
No |
Denial of service |
An integer overflow vulnerability was found in dwarf_die_deliv.c causing segmentation fault. |
| CVE-2016-7510 |
AVG-89 |
Medium |
No |
Information disclosure |
An out-of-bounds read vulnerability was found in read_line_table_program() in libdwarf. |
| CVE-2016-5044 |
AVG-89 |
High |
No |
Arbitrary code execution |
A vulnerability was found in libdwarf in dwarf_elf_access.c:1071. A crafted ELF file may lead to a large offset value, which bigger than the size of... |
| CVE-2016-5043 |
AVG-89 |
Medium |
No |
Information disclosure |
A vulnerability was found in libdwarf. A function dwarf_dealloc() did not check the Dwarf_Ptr space argument before using it which leads to an out-of-bounds read. |
| CVE-2016-5041 |
AVG-89 |
Low |
No |
Denial of service |
A vulnerability was found in libdwarf. If no DW_AT_name is present in a debugging information entry using DWARF5 macros a null dereference in dwarf_macro5.c... |
| CVE-2016-5040 |
AVG-89 |
Low |
No |
Denial of service |
A vulnerability was found in libdwarf. If the data read for a compilation unit header contains a too large length value the library will read outside of its... |
| CVE-2016-5037 |
AVG-89 |
Low |
No |
Denial of service |
A null pointer dereference vulnerability was found in _dwarf_load_section. |
| CVE-2016-5035 |
AVG-89 |
Medium |
No |
Information disclosure |
An out-of-bounds read vulnerability was found in dwarf_line_table_reader.c. |
| CVE-2016-5033 |
AVG-89 |
Medium |
No |
Information disclosure |
An out-of-bounds read vulnerability was found in libdwarf in print_exprloc_content. |
| CVE-2016-5032 |
AVG-89 |
Medium |
No |
Information disclosure |
An out-of-bounds read vulnerability was found in libdwarf in dwarf_get_xu_hash_entry() function. |
| CVE-2016-5031 |
AVG-89 |
Medium |
No |
Information disclosure |
An out-of-bounds read vulnerability was found in libdwarf in print_frame_inst_bytes() function. |
| CVE-2016-5030 |
AVG-89 |
Low |
No |
Denial of service |
A null pointer dereference vulnerability was found in libdwarf in _dwarf_calculate_info_section_end_ptr() function. |
| CVE-2016-5029 |
AVG-89 |
Low |
No |
Denial of service |
A null pointer dereference vulnerability was found in libdwarf in create_fullest_file_path() function. This is due to corrupted dwarf and the fix detects... |
| CVE-2016-5028 |
AVG-89 |
Low |
No |
Denial of service |
A null pointer dereference vulnerability was found in libdwarf. It exists due to a corrupted object file. Libdwarf was not dealing with empty (bss-like)... |
| CVE-2016-5027 |
AVG-89 |
Low |
No |
Denial of service |
A vulnerability was found in libdwarf. A malicious object with data all-bits-on could bypass length checks which results in an out-of- bounds read. |