libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
Weakness
The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Libdwarf | Libdwarf_project | * | 2020-10-17 (excluding) |
| Dwarfutils | Ubuntu | bionic | * |
| Dwarfutils | Ubuntu | focal | * |
| Dwarfutils | Ubuntu | trusty | * |
| Dwarfutils | Ubuntu | upstream | * |
| Dwarfutils | Ubuntu | xenial | * |
Extended Description
This weakness can take several forms, such as:
Potential Mitigations
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, glibc in Linux provides protection against free of invalid pointers.
References
- http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf/
- https://bugzilla.redhat.com/show_bug.cgi?id=2025694
- https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea
- https://sourceforge.net/projects/libdwarf/
- https://www.prevanders.net/dwarfbug.html#DW202010-001
- http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf/
- https://bugzilla.redhat.com/show_bug.cgi?id=2025694
- https://github.com/davea42/libdwarf-code/commit/95f634808c01f1c61bbec56ed2395af997f397ea
- https://sourceforge.net/projects/libdwarf/
- https://www.prevanders.net/dwarfbug.html#DW202010-001