libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-09-03T19:00:00
Updated: 2024-08-05T10:24:32.190Z
Reserved: 2018-09-03T00:00:00
Link: CVE-2018-16403
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-09-03T19:29:00.620
Modified: 2024-11-21T03:52:40.947
Link: CVE-2018-16403
Redhat