#VU39997 Buffer overflow in libdwarf - CVE-2016-9480

Cybersecurity Help s.r.o.

Published: 2016-11-30 | Updated: 2020-08-09

Vulnerability identifier: #VU39997

Vulnerability risk: High

CVSSv4.0: 6.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2016-9480

CWE-ID: CWE-119

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libdwarf
Universal components / Libraries / Libraries used by multiple products

Vendor: David Anderson

Description

The vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.

libdwarf 2016-10-21 allows context-dependent attackers to obtain sensitive information or cause a denial of service by using the "malformed dwarf file" approach, related to a "Heap Buffer Over-read" issue affecting the dwarf_util.c component, aka DW201611-006.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libdwarf: 2016-10-21

External links
https://www.securityfocus.com/bid/94980
https://sourceforge.net/p/libdwarf/bugs/5/
https://sourceforge.net/p/libdwarf/code/ci/5dd64de047cd5ec479fb11fe7ff2692fd819e5e5/
https://www.prevanders.net/dwarfbug.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Buffer overflow in libdwarf