A vulnerability in the dwarf::cursor::uleb function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
References
| Link | Resource |
|---|---|
| https://github.com/aclements/libelfin/issues/50 | Exploit Issue Tracking Third Party Advisory |
| https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfcursoruleb128-at-dwarfinternalhh154 | Exploit Third Party Advisory |
| https://github.com/aclements/libelfin/issues/50 | Exploit Issue Tracking Third Party Advisory |
| https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfcursoruleb128-at-dwarfinternalhh154 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 05:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/aclements/libelfin/issues/50 - Exploit, Issue Tracking, Third Party Advisory | |
| References | () https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfcursoruleb128-at-dwarfinternalhh154 - Exploit, Third Party Advisory |
Information
Published : 2021-08-04 15:15
Updated : 2024-11-21 05:16
NVD link : CVE-2020-24822
Mitre link : CVE-2020-24822
CVE.ORG link : CVE-2020-24822
JSON object : View
Products Affected
libelfin_project
- libelfin
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')