CVE-2016-9558
published 2017-02-28CVE-2016-9558: (1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
(1) libdwarf/dwarf_leb.c and (2) dwarfdump/print_frames.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dwarfutils | < dwarfutils 20161124-1 (bookworm) | dwarfutils 20161124-1 (bookworm) |
| libdwarf_project | libdwarf | >= 1999-12-14 < 2016-11-24 | 2016-11-24 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL