Headline
CVE-2022-39170: A new vulnerability: DW202208-001 · davea42/libdwarf-code@60303eb
libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
Permalink
Browse files
A new vulnerability: DW202208-001
- Loading branch information
David Anderson committed
Aug 27, 2022
1 parent 271cc04 commit 60303eb80ecc7747bf29776d545e2a5c5a76f6f8
Showing 1 changed file with 25 additions and 0 deletions.
@@ -1,4 +1,29 @@
id: DW202208-001
cve:
fuzzer: unspecified
datereported: 2022-08-27
reportedby: Han Zheng
vulnerability: Double free in dwarfdump
product: dwarfdump
description: A carefully corrupted object file
would cause dwarfdump -vv -a
to do a double free in handling an error condition.
That could cause a segmentation violation or other
major error, terminating the calling application and
resulting in Denial Of Service.
datefixed:
references: regressiontests/hanzheng/fuzzedobject
gitfixid:
tarrelease:
endrec: DW202208-001
id: DW202207-001
cve:
fuzzer: ossfuzz
0 comments on commit 60303eb
Please sign in to comment.