CVE-2018-16403

libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
Configurations

Configuration 1

cpe:2.3:a:elfutils_project:elfutils:0.173:*:*:*:*:*:*:*

Information

Published : 2018-09-03 07:29

Updated : 2019-10-03 12:03


NVD link : CVE-2018-16403

Mitre link : CVE-2018-16403

Products Affected
No products.
CWE
CWE-125

Out-of-bounds Read