CVE-2022-34299
published 2022-06-23CVE-2022-34299: There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b.
high8.1CVSS 3.1
AVNACLPRNUIRSUCHINAH
There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | dwarfutils | < dwarfutils 1:0.11.1-1 (forky) | dwarfutils 1:0.11.1-1 (forky) |
| libdwarf_project | libdwarf | — | — |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
osv8.1HIGH