CVE-2016-5042 in Ubuntu

CVE-2016-5042

Priority

Description

The dwarf_get_aranges_list function in libdwarf before 20160923 allows
remote attackers to cause a denial of service (infinite loop and crash) via
a crafted DWARF section.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5042

Notes

Package

Source: dwarfutils (LP Ubuntu Debian)

Upstream:	released (20160507-1)
Ubuntu 14.04 ESM:	DNE (trusty was released [20120410-2+deb7u2build0.14.04.1])
Ubuntu 20.04 FIPS Compliant:	not-affected (20160507-1)

Patches:

Upstream:

https://sourceforge.net/p/libdwarf/code/ci/98a3da1e8237fe0d45b67ef77f3fa5ed9ff0215f/

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 12:22:50 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)