Bugzilla – Bug 911839
VUL-1: CVE-2014-9482: libdwarf: use-after-free when parsing a crafted ELF file
Last modified: 2024-05-20 13:56:32 UTC
CVE-2014-9482

Use-after-free vulnerability was reported in libdwarf [1]. If dwarfdump is passed a corrupted ELF file, 'Dwarf_Debug' object will be freed in 'dwarf_elf_object_access_finish', but then this object is being referenced later in 'print_error':

--------------------------------
res = dwarf_object_init(binary_interface, errhand, errarg, ret_dbg, error);
if (res != DW_DLV_OK){
    dwarf_elf_object_access_finish(binary_interface);
}
--------------------------------
...
--------------------------
if (obj->object) {
    dwarf_elf_object_access_internals_t *internals =
        (dwarf_elf_object_access_internals_t *)obj->object;
--------------------------

References:
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1177758
https://bugzilla.redhat.com/show_bug.cgi?id=1178725
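The free-then-report ordering described in the report above, shown in its safe form as an added example (not libdwarf code and not the upstream fix). All names here (`debug_ctx`, `iface`, `object_init`, `access_finish`, `open_object`) are hypothetical stand-ins, and the error string is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the library's context and interface types. */
struct debug_ctx { char errmsg[64]; };
struct iface { struct debug_ctx *object; };

/* Cleanup frees the context and clears the owner's pointer, so any later
 * reader sees NULL instead of a dangling address. */
static void access_finish(struct iface *obj) {
    if (obj && obj->object) {
        free(obj->object);
        obj->object = NULL;
    }
}

/* Simulated init: on "corrupted" input it records the reason in the
 * context and fails, leaving the context allocated for the caller. */
static int object_init(struct iface *obj, int corrupted) {
    obj->object = calloc(1, sizeof *obj->object);
    if (!obj->object)
        return -1;
    if (corrupted) {
        snprintf(obj->object->errmsg, sizeof obj->object->errmsg,
                 "bad ELF section header"); /* constructed message */
        return -1;
    }
    return 0;
}

/* The unsafe order is: access_finish() first, then an error reporter that
 * reads the context. Here the data the report needs is copied out BEFORE
 * the context is released, and nothing touches the context afterwards. */
int open_object(int corrupted, char *err, size_t errlen) {
    struct iface obj = {0};
    if (object_init(&obj, corrupted) != 0) {
        snprintf(err, errlen, "%s",
                 obj.object ? obj.object->errmsg : "out of memory");
        access_finish(&obj);
        /* -2 would indicate a stale pointer survived cleanup. */
        return obj.object == NULL ? -1 : -2;
    }
    access_finish(&obj);
    err[0] = '\0';
    return 0;
}
```

Building a test harness around this pattern with `-fsanitize=address` is a quick way to confirm that no error path reads the context after it has been released.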
bugbot adjusting priority
Is this part of any product at all? libdwarf doesn't exist as a source package in SLE12. It exists as a source package in SLE11, but the packages on any medium I could find (looked at desktop/server and SDK) only include libdwarf itself, not libdwarf-tools. So there's no way I think this problem can surface anywhere. If you think differently, please tell me how I can reproduce on some relevant product.
ok, looks like just Factory and OpenSUSE are affected