A null pointer dereference vulnerability was found in libdwarf. It exists due to a corrupted object file. Libdwarf was not dealing with empty (bss-like) sections since it really did not expect to see such in sections it reads. Now libdwarf catches the object error so dwarfdump sees the section as empty.
References (with a link to PoC):
If you want to report an issue with the Fedora package then please do so against the proper component.
In the meantime please stop adding me to your RedHat internal security bugs.
Created libdwarf tracking bugs for this issue:
Affects: fedora-all [bug 1340128]
Affects: epel-6 [bug 1340129]