Bug 2026683 (CVE-2020-27545) - CVE-2020-27545 libdwarf: carefully corrupted line table can crash calling app
Summary: CVE-2020-27545 libdwarf: carefully corrupted line table can crash calling app
Keywords:
Status: NEW
Alias: CVE-2020-27545
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2027570
Blocks: 2026686
TreeView+ depends on / blocked
 
Reported: 2021-11-25 13:52 UTC by Guilherme de Almeida Suckevicz
Modified: 2023-07-07 08:27 UTC (History)
5 users (show)

Fixed In Version: libdwarf-0.3.1
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in libdwarf. A possible memory leak allows an attacker to input a specially crafted file, leading to a crash. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Guilherme de Almeida Suckevicz 2021-11-25 13:52:35 UTC
A carefully crafted object with an invalid line table could cause libdwarf to dereference a pointer reading a single byte outside of the intended .debug_line section and potentially outside of memory visible to the library. A segmentation fault is possible. The code testing for the error was coded incorrectly so an invalid dereference could occur. Now the test code is correct and the error is detected resulting in a normal error return.

Reference:
https://www.prevanders.net/dwarfbug.html

Comment 1 Tom Hughes 2021-11-25 14:11:03 UTC
Please stop subscribing me to bugs wihout my permission.

I am the maintainer for the Fedora builds of libdwarf and bugzilla will automatically include me on any bugs you open against it for Fedora.

I do not need to be added to bugs RedHat use for their internal security response administration.


Note You need to log in before you can comment on or make changes to this bug.