CVE-2022-39170 — Double Free in Project Libdwarf

Severity

8.8HIGHNVD

EPSS

0.5%

top 33.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedSep 2

Latest updateSep 3

Description

libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Also affects: Fedora 37

GHSA

GHSA-q3xx-pg8c-jqh6: libdwarf 0↗2022-09-03

▶

OSV

CVE-2022-39170: libdwarf 0↗2022-09-02

▶

CVEList

CVE-2022-39170: libdwarf 0↗2022-09-02

▶

Red Hat

libdwarf: double free in _dwarf_exec_frame_instr() in dwarf_frame.c↗2022-09-02

▶

Debian

CVE-2022-39170: dwarfutils - libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.↗2022

▶