CVE-2016-5044

Published: 17/02/2017 Updated: 01/03/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf prior to 20160923 allows remote malicious users to cause a denial of service (out-of-bounds write and crash) via a crafted DWARF section.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libdwarf project libdwarf

The WRITE_UNALIGNED function in dwarf_elf_accessc in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted DWARF section ...

A vulnerability was found in libdwarf in dwarf_elf_accessc:1071 A crafted ELF file may lead to a large offset value, which bigger than the size of target_section heap chunk, then this WRITE_UNALIGNED() function will write the value of &outval out of the heap chunk The offset is a 64bit unsigned int value, so this is more than a heap overflow ...

CWE-787 https://www.prevanders.net/dwarfbug.html http://www.openwall.com/lists/oss-security/2016/05/25/1 http://www.openwall.com/lists/oss-security/2016/05/24/1 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-5044 https://security.archlinux.org/CVE-2016-5044

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-5044

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect