CVE-2025-69648

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debugrnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward progress, resulting in a...

CVE-2025-69647

GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress, resulting in an...

Linux Distros Unpatched Vulnerability : CVE-2025-69646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the...

DEBIAN-CVE-2025-69645

Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...

CVE-2025-69645

The CVE details a denial-of-service in binutils objdump when parsing crafted binaries with malformed DWARF debug info. A logic error in DWARF compilation unit handling can cause an invalid offset_size to be used inside byte_get_little_endian, triggering a crash (SIGABRT). Affects binutils 2.44; i...

CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

OESA-2024-1460 libdwarf security update

Libdwarf is a library of functions to provide read/write DWARF debugging records. Security Fixes: A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to deallocfree an allocation twice, potentially causing unpredictable and various...

SUSE CVE-2012-0875

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service kernel panic and crash via vectors related to crafted DWARF data, which triggers a read of an invalid pointer...

SUSE CVE-2016-5043

The dwarfdealloc function in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds read and crash via a crafted DWARF section...

Integer overflow in realloc call

Description Integer overflow in realloc and memcpy calls in coreanalgraphlabel. In the process of concatenating source lines based on DWARF data, the resulting size 32bit signed int can overflow. The sizes of the realloc and memcpy calls differ, and potentially can lead to writes in an unintended...

CVE-2022-38127

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2022-38127

Removed by vendor...

libdwarf 缓冲区错误漏洞

libdwarf is a library and command line tool for reading and writing the DWARF2 standardized debug data format. A security vulnerability exists in libdwarf version 0.4.0, which stems from a heap-based buffer over-read in libdwarf...

Libelfin 安全漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. A buffer overflow vulnerability exists in the dwarf::linetable::linetable function of Libelfin 0.3. An attacker could exploit this vulnerability to cause a denial of service...

OESA-2021-1186 binutils security update

Security Fixes: There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.CVE-2021-3487...

UBUNTU-CVE-2016-5042

The dwarfgetarangeslist function in libdwarf before 20160923 allows remote attackers to cause a denial of service infinite loop and crash via a crafted DWARF section...

CVE-2012-0875

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service kernel panic and crash via vectors related to crafted DWARF data, which triggers a read of an invalid pointer...

Null pointer dereference

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service kernel panic and crash via vectors related to crafted DWARF data, which triggers a read of an invalid pointer...

CVE-2012-0875

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service kernel panic and crash via vectors related to crafted DWARF data, which triggers a read of an invalid pointer...

PT-2012-1085 · Red Hat +2 · Systemtap +3

Name of the Vulnerable Software and Affected Versions: SystemTap versions 1.6, 1.7 and probably other versions SystemTap versions prior to 2.0 Description: The issue allows local users to obtain sensitive information from kernel memory or cause a denial of service via vectors related to crafted...