CVE-2016-2050 — Out-of-bounds Write in Project Libdwarf

CWE-787 — Out-of-bounds Write9 documents7 sources
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 31.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Libdwarf Project Libdwarf
Timeline
PublishedJan 31
Latest updateMay 13

Description

The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf file.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

â–¶NVDlibdwarf_project/libdwarf2015-11-14

🔴Vulnerability Details

3
GHSA
GHSA-xggq-h9cc-vccx: The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf f↗2022-05-13
â–¶
CVEList
CVE-2016-2050: The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf f↗2017-01-31
â–¶
OSV
CVE-2016-2050: The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf f↗2017-01-31
â–¶

📋Vendor Advisories

2
Red Hat
libdwarf: Out-of-bounds write in get_abbrev_array_info↗2016-01-19
â–¶
Debian
CVE-2016-2050: dwarfutils - The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers ...↗2016
â–¶

💬Community

3
Bugzilla
CVE-2016-2050 libdwarf: Out-of-bounds write in get_abbrev_array_info↗2016-01-20
â–¶
Bugzilla
CVE-2016-2050 libdwarf: Out-of-bounds write in get_abbrev_array_info [epel-all]↗2016-01-20
â–¶
Bugzilla
CVE-2016-2050 libdwarf: Out-of-bounds write in get_abbrev_array_info [fedora-all]↗2016-01-20
â–¶
CVE-2016-2050 — Out-of-bounds Write in Project Libdwarf | cvebase