CVE-2020-27545

medium

Description

libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.

References

Advisories
More

https://www.prevanders.net/dwarfbug.html#DW202010-001

https://bugzilla.redhat.com/show_bug.cgi?id=2025694

https://sourceforge.net/projects/libdwarf/

https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea

http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf/

Details

Source: Mitre, NVD

Published: 2023-04-16

Updated: 2025-02-06

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00057