libdwarf heap buffer overflow vulnerability (CNVD-2017-07537)

libdwarf is a set of tools for reading and writing DWARF2 debugging information. A heap buffer overflow vulnerability exists in the 'dwarfreadlocexprop' function in libdwarf version 2017-03-21. An attacker can exploit this vulnerability to cause a heap buffer read over boundary...

UBUNTU-CVE-2017-9053

An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarfreadlocexprop is due to a failure to check a pointer for being in bounds in a few places in this function...