CVE-2019-14249
published 2019-07-24CVE-2019-14249: dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size…
medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dwarfutils | — | — |
| libdwarf_project | libdwarf | < 2019-07-05 | 2019-07-05 |
| libdwarf_project | libdwarf | >= 0 < 0.6.0-r0 | 0.6.0-r0 |
| libdwarf_project | libdwarf | >= 0 < 0.6.0-r0 | 0.6.0-r0 |
| libdwarf_project | libdwarf | >= 0 < 0.6.0-r0 | 0.6.0-r0 |
| libdwarf_project | libdwarf | >= 0 < 0.6.0-r0 | 0.6.0-r0 |
| libdwarf_project | libdwarf | >= 0 < 0.6.0-r0 | 0.6.0-r0 |
| libdwarf_project | libdwarf | >= 0 < 0.6.0-r0 | 0.6.0-r0 |
| msrc | azl3_libdwarf_0.9.0-1_on_azure_linux_3.0 | — | — |
| msrc | cbl2_libdwarf_0.9.0-3_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_libdwarf_0.9.0_on_cbl_mariner_2.0 | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM