Lucene search

K
cve[email protected]CVE-2022-39170
HistorySep 02, 2022 - 3:15 a.m.

CVE-2022-39170

2022-09-0203:15:07
CWE-415
web.nvd.nist.gov
42
10
cve-2022-39170
libdwarf
nvd
security vulnerability
double free
_dwarf_exec_frame_instr
dwarf_frame.c

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.3%

libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.

Affected configurations

NVD
Node
libdwarf_projectlibdwarfMatch0.4.1
Node
fedoraprojectfedoraMatch37

Social References

More

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.3%