David Anderson

5 exploits Active since Jun 2022
CVE-2020-27545 WRITEUP MEDIUM WRITEUP
libdwarf <20201017 - Memory Corruption
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
CVSS 6.5
CVE-2020-28163 WRITEUP MEDIUM WRITEUP
libdwarf < 2020-12-01 - Denial of Service via DWARF5 Line-Table Header Pathname FORM
libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.
CVSS 6.5
CVE-2022-32200 WRITEUP HIGH WRITEUP
libdwarf 0.4.0 - Heap-Based Buffer Over-Read in _dwarf_check_string_valid
libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.
CVSS 7.8
CVE-2022-34299 WRITEUP HIGH WRITEUP
libdwarf 0.4.0 - Heap-Based Buffer Over-Read in dwarf_global_formref_b
There is a heap-based buffer over-read in libdwarf 0.4.0. This issue is related to dwarf_global_formref_b.
CVSS 8.1
CVE-2022-39170 WRITEUP HIGH WRITEUP
libdwarf 0.4.1 - Double Free in dwarf_frame.c
libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.
CVSS 8.8