Libdwarf Project Libdwarf vulnerabilities

CVE-2015-8750 [MEDIUM] CWE-476 CVE-2015-8750: libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer der libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.

CVE-2016-2050 [MEDIUM] CWE-787 CVE-2016-2050: The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of The get_abbrev_array_info function in libdwarf-20151114 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted elf file.

CVE-2016-7410 [MEDIUM] CWE-125 CVE-2016-7410: The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file.

CVE-2016-9480 [CRITICAL] CWE-119 CVE-2016-9480: libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a de libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.

CVE-2016-2091 [LOW] CWE-125 CVE-2016-2091: The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to ca The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.