CVE-2019-14249

MEDIUM

libdwarf <2019-07-05 - DoS

Title source: llm

Description

dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/109380

[Patch, Third Party Advisory] https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599

[Patch, Third Party Advisory] https://sourceforge.net/p/libdwarf/code/merge-requests/4/

Scores

CVSS v3 6.5

EPSS 0.0047

EPSS Percentile 64.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE

CWE-369

Status published

Affected Products (1)

libdwarf_project/libdwarf < 2019-07-05

Timeline

Published Jul 24, 2019

Tracked Since Feb 18, 2026