An out-of-bounds write was found in libdwarf. Test object shows an invalid write in dwarf_elf_access.c (when doing the relocations). Adding the relocation value to anything overflowed and disguised the bad relocation record. With a 32-bit kernel build the test could show a double-free and coredump due to the unchecked invalid writes from relocations.

References:
http://seclists.org/oss-sec/2016/q2/393

External references:
https://www.prevanders.net/dwarfbug.html

Upstream fix:
https://sourceforge.net/p/libdwarf/code/ci/10ca310f64368dc083efacac87732c02ef560a92
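
The failure mode described above, as an added example that is not libdwarf's code or the upstream fix: a bounds check that adds to an untrusted relocation offset can wrap around and accept a bad record, while a check that only subtracts from the trusted section size cannot. The record layout, the function names and the 16-byte section are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical relocation record; field names are illustrative, not libdwarf's. */
struct reloc { uint64_t offset; uint64_t addend; };

/* Flawed check: offset + width wraps for a huge offset, so the sum looks small. */
static int in_bounds_wrapping(uint64_t offset, uint64_t width, uint64_t size)
{
    return offset + width <= size;
}

/* Overflow-safe check: never adds anything to the untrusted offset. */
static int in_bounds(uint64_t offset, uint64_t width, uint64_t size)
{
    return width <= size && offset <= size - width;
}

/* Add the addend to a little-endian field of `width` bytes in the section.
 * Returns 0 on success, -1 if the record is rejected (section left untouched). */
static int apply_reloc(uint8_t *sec, uint64_t size, const struct reloc *r, unsigned width)
{
    uint64_t value = 0;
    unsigned i;

    if ((width != 4 && width != 8) || !in_bounds(r->offset, width, size))
        return -1;
    for (i = 0; i < width; i++)
        value |= (uint64_t)sec[r->offset + i] << (8 * i);
    value += r->addend;
    for (i = 0; i < width; i++)
        sec[r->offset + i] = (uint8_t)(value >> (8 * i));
    return 0;
}

/* Constructed sample: patch a zeroed 16-byte section; returns byte 8, or -1 if rejected. */
static int demo_patch(uint64_t offset, uint64_t addend)
{
    uint8_t sec[16] = {0};
    struct reloc r = { offset, addend };
    return apply_reloc(sec, sizeof sec, &r, 4) == 0 ? sec[8] : -1;
}

int main(void)
{
    printf("wrapping check accepts bad offset: %d\n", in_bounds_wrapping(UINT64_MAX - 1, 4, 16));
    printf("safe check accepts bad offset:     %d\n", in_bounds(UINT64_MAX - 1, 4, 16));
    printf("valid reloc -> %d, bad reloc -> %d\n", demo_patch(8, 0x44), demo_patch(UINT64_MAX - 1, 0x44));
    return 0;
}
```
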
Created libdwarf tracking bugs for this issue:

Affects: fedora-all [bug 1340128]
Affects: epel-6 [bug 1340129]