Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-669-1:721AC
HistoryOct 19, 2016 - 2:57 p.m.

[SECURITY] [DLA 669-1] dwarfutils security update

2016-10-1914:57:04
lists.debian.org
10

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

JSON

Package : dwarfutils
Version : 20120410-2+deb7u2
CVE ID : CVE-2015-8538 CVE-2015-8750 CVE-2016-2050 CVE-2016-2091
CVE-2016-5034 CVE-2016-5036 CVE-2016-5038 CVE-2016-5039 CVE-2016-5042

Several vulnerabilities were discovered in dwarfutils, a tool and
library for reading/consuming and writing/producing DWARF debugging
information. The Common Vulnerabilities and Exposures project
identifies the following issues:

CVE-2015-8538

A specially crafted ELF file can cause a segmentation fault.

CVE-2015-8750

A specially crafted ELF file can cause a NULL pointer
dereference.

CVE-2016-2050

Out-of-bounds write

CVE-2016-2091

Out-of-bounds read

CVE-2016-5034

Out-of-bounds write

CVE-2016-5036

Out-of-bounds read

CVE-2016-5038

Out-of-bounds read

CVE-2016-5039

Out-of-bounds read

CVE-2016-5042

A specially crafted DWARF section can cause an infinite loop,
reading from increasing memory addresses until the application
crashes.

For Debian 7 "Wheezy", these problems have been fixed in version
20120410-2+deb7u2.

We recommend that you upgrade your dwarfutils packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian8amd64dwarfdump< 20120410-2+deb8u1dwarfdump_20120410-2+deb8u1_amd64.deb
Debian8mipsellibdwarf-dev< 20120410-2+deb8u1libdwarf-dev_20120410-2+deb8u1_mipsel.deb
Debian8mipsdwarfdump< 20120410-2+deb8u1dwarfdump_20120410-2+deb8u1_mips.deb
Debian7i386dwarfdump< 20120410-2+deb7u2dwarfdump_20120410-2+deb7u2_i386.deb
Debian8armhfdwarfdump< 20120410-2+deb8u1dwarfdump_20120410-2+deb8u1_armhf.deb
Debian8arm64dwarfdump< 20120410-2+deb8u1dwarfdump_20120410-2+deb8u1_arm64.deb
Debian7armhfdwarfdump< 20120410-2+deb7u2dwarfdump_20120410-2+deb7u2_armhf.deb
Debian7i386libdwarf-dev< 20120410-2+deb7u2libdwarf-dev_20120410-2+deb7u2_i386.deb
Debian8mipslibdwarf-dev< 20120410-2+deb8u1libdwarf-dev_20120410-2+deb8u1_mips.deb
Debian8powerpcdwarfdump< 20120410-2+deb8u1dwarfdump_20120410-2+deb8u1_powerpc.deb
Rows per page:
1-10 of 301

Related

nessus 8
osv 3
openvas 5
fedora 1
cve 9
cvelist 9
nvd 9
alpinelinux 1
debiancve 9
ubuntucve 9
veracode 2
prion 9
debian 1
archlinux 2
redhatcve 5
rosalinux 1
nessus
nessus
Debian DLA-669-1 : dwarfutils security update
2016-10-20 00:00:00
EulerOS 2.0 SP5 : libdwarf (EulerOS-SA-2019-2204)
2019-11-08 00:00:00
Fedora 24 : libdwarf (2016-f36c5935e5)
2016-07-14 00:00:00
osv
osv
dwarfutils - security update
2016-10-19 00:00:00
CVE-2015-8538
2017-06-07 20:29:00
dwarfutils - security update
2016-01-15 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-669-1)
2023-03-08 00:00:00
Huawei EulerOS: Security Advisory for libdwarf (EulerOS-SA-2019-2204)
2020-01-23 00:00:00
Fedora Update for libdwarf FEDORA-2016-f36c5935e5
2016-06-08 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: libdwarf-20160507-1.fc24
2016-05-12 16:19:22
cve
cve
CVE-2015-8538
2017-06-07 20:29:00
CVE-2016-5042
2017-02-17 17:59:00
CVE-2016-5038
2017-02-17 17:59:00
cvelist
cvelist
CVE-2015-8538
2017-06-07 20:00:00
CVE-2015-8750
2017-02-13 18:00:00
CVE-2016-5042
2017-02-17 17:00:00
nvd
nvd
CVE-2015-8538
2017-06-07 20:29:00
CVE-2015-8750
2017-02-13 18:59:00
CVE-2016-2050
2017-01-31 19:59:00
alpinelinux
alpinelinux
CVE-2015-8538
2017-06-07 20:29:00
debiancve
debiancve
CVE-2015-8538
2017-06-07 20:29:00
CVE-2015-8750
2017-02-13 18:59:00
CVE-2016-5038
2017-02-17 17:59:00
ubuntucve
ubuntucve
CVE-2015-8538
2017-06-07 00:00:00
CVE-2015-8750
2017-02-13 00:00:00
CVE-2016-5038
2017-02-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-08-01 06:46:19
Denial Of Service (DoS)
2018-08-01 05:45:58
prion
prion
Design/Logic Flaw
2017-06-07 20:29:00
Null pointer dereference
2017-02-13 18:59:00
Out-of-bounds
2017-01-31 19:59:00
debian
debian
[SECURITY] [DLA 388-1] dwarfutils security update
2016-01-15 10:26:50
archlinux
archlinux
libdwarf: denial of service
2016-01-21 00:00:00
libdwarf: arbitrary code execution
2016-06-25 00:00:00
redhatcve
redhatcve
CVE-2016-5038
2016-05-26 13:19:04
CVE-2016-5042
2016-05-26 13:48:53
CVE-2016-5036
2016-05-26 13:18:53
rosalinux
rosalinux
Advisory ROSA-SA-2021-1866
2021-07-02 17:13:15

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.1%

JSON
Related for DEBIAN:DLA-669-1:721AC
nessus8osv3openvas5fedora1cve9cvelist9nvd9alpinelinux1debiancve9ubuntucve9veracode2prion9debian1archlinux2redhatcve5rosalinux1