The dwarfreadciefdeprefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "20120410-2+deb7u2build0.14.04.1", "binary_name": "dwarfdump" }, { "binary_version": "20120410-2+deb7u2build0.14.04.1", "binary_name": "dwarfdump-dbgsym" }, { "binary_version": "20120410-2+deb7u2build0.14.04.1", "binary_name": "libdwarf-dev" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "20120410-2+deb7u2build0.16.04.1", "binary_name": "dwarfdump" }, { "binary_version": "20120410-2+deb7u2build0.16.04.1", "binary_name": "dwarfdump-dbgsym" }, { "binary_version": "20120410-2+deb7u2build0.16.04.1", "binary_name": "libdwarf-dev" } ] }