CVE-2015-8538Improper Input Validation in Project Libdwarf

CWE-20Improper Input ValidationCWE-125Out-of-bounds Read8 documents7 sources
Severity
6.5MEDIUMNVD
EPSS
0.4%
top 38.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Libdwarf Project Libdwarf
Timeline
PublishedJun 7
Latest updateMay 13

Description

dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

NVDlibdwarf_project/libdwarf1999-12-142015-11-14

🔴Vulnerability Details

3
GHSA
GHSA-f675-hff7-gmp4: dwarf_leb2022-05-13
OSV
CVE-2015-8538: dwarf_leb2017-06-07
CVEList
CVE-2015-8538: dwarf_leb2017-06-07

📋Vendor Advisories

2
Red Hat
libdwarf: Out-of-bounds read in dwarf_leb.c2015-12-07
Debian
CVE-2015-8538: dwarfutils - dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).2015

💬Community

2
Bugzilla
CVE-2015-8538 libdwarf: Out-of-bounds read in dwarf_leb.c2015-12-14
Bugzilla
CVE-2015-8538 libdwarf: Out-of-bounds read in dwarf_leb.c [epel-6]2015-12-14
CVE-2015-8538 — Improper Input Validation | cvebase