[manjaro-security] [arch-security] [ASA-201606-23] libdwarf: arbitrary code execution
rgacogne at archlinux.org
Sat Jun 25 19:23:31 CEST 2016
Arch Linux Security Advisory ASA-201606-23
Date : 2016-06-25
CVE-ID : CVE-2016-5027 CVE-2016-5028 CVE-2016-5029 CVE-2016-5030
CVE-2016-5031 CVE-2016-5032 CVE-2016-5033 CVE-2016-5034
CVE-2016-5035 CVE-2016-5036 CVE-2016-5037 CVE-2016-5038
CVE-2016-5039 CVE-2016-5040 CVE-2016-5041 CVE-2016-5042
Package : libdwarf
Type : arbitrary code execution
Remote : No
Link : https://wiki.archlinux.org/index.php/CVE
The package libdwarf before version 20160613-1 is vulnerable to
arbitrary code execution.
Upgrade to 20160613-1.
# pacman -Syu "libdwarf>=20160613-1"
The problems have been fixed upstream in version 20160613.
- CVE-2016-5027 (denial of service)
Multiple NULL pointer dereference issues in several functions of
libdwarf/dwarf_leb.c, where leb128_length was wrongly assumed non-NULL.
- CVE-2016-5028 (denial of service)
NULL pointer dereference issue in print_frame_inst_bytes().
- CVE-2016-5029 (denial of service)
NULL pointer dereference issue in create_fullest_file_path().
- CVE-2016-5030 (denial of service)
NULL pointer dereference issue in _dwarf_calculate_info_section_end_ptr().
- CVE-2016-5031 (denial of service)
Out-of-bounds read bug in print_frame_inst_bytes().
- CVE-2016-5032 (denial of service)
Out-of-bounds read bug in dwarf_get_xu_hash_entry().
- CVE-2016-5033 (denial of service)
Out-of-bounds read bug in print_exprloc_content().
- CVE-2016-5034 (arbitrary code execution)
Invalid write in dwarf_elf_access.c.
- CVE-2016-5035 (denial of service)
Out-of-bounds read bug in _dwarf_read_line_table_header().
- CVE-2016-5036 (denial of service)
Out-of-bounds read bug in dump_block().
- CVE-2016-5037 (denial of service)
NULL pointer dereference issue in _dwarf_load_section().
- CVE-2016-5038 (denial of service)
NULL pointer dereference issue in dwarf_get_macro_startend_file().
- CVE-2016-5039 (denial of service)
Out-of-bounds read bug in get_attr_value().
- CVE-2016-5040 (denial of service)
Out-of-bounds read bug.
- CVE-2016-5041 (denial of service)
NULL pointer dereference issue.
- CVE-2016-5042 (denial of service)
Infinite loop leading to out-of-bounds read in dwarf_get_aranges_list().
- CVE-2016-5043 (denial of service)
Out-of-bounds read bug in dwarf_dealloc().
- CVE-2016-5044 (arbitrary code execution)
An attacker might be able to execute arbitrary code on the affected host
with a crafted ELF file, or crafted dwarf sections in a object file.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the manjaro-security