OSV-2026-744

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libdwarf/OSV-2026-744.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2026-744
Published
2026-05-16T00:08:42.909156Z
Modified
2026-05-16T00:08:42.909443Z
Summary
Heap-double-free in _dwarf_destruct_elf_nlaccess
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513032442

Crash type: Heap-double-free
Crash state:
_dwarf_destruct_elf_nlaccess
_dwarf_elf_nlsetup
dwarf_init_path_dl_a
References

Affected packages

OSS-Fuzz / libdwarf

Package

Name
libdwarf
Purl
pkg:generic/libdwarf

Affected ranges

Type
GIT
Repo
https://github.com/davea42/libdwarf-code
Events
Introduced
b77072b86835e5e2d0f7cece727c9251cec6c701
Fixed
27a19350b16995730d82fd1c224a7f22b39c443c
Fixed
7b407f5e8e30e3695c087b1426597d895e586917

Ecosystem specific 

{
    "severity": "HIGH"
}

Database specific

introduced_range 
"4219b9d3c386f75ca5f47ade03def1a157057e49:dd3ca3226b2c48ff8588d02a74a90cdabea4e91c"
fixed_range 
"7ef8486ccdb8e6745c18eeb4ba69f336914c656f:7b407f5e8e30e3695c087b1426597d895e586917"
source 
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libdwarf/OSV-2026-744.yaml"