The dwarf_read_cie_fde_prefix function in dwarf_frame2.c in libdwarf 20151114 allows attackers to cause a denial of service (out-of-bounds read) via a crafted ELF object file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Denial Of Service
Information Disclosure
Buffer Overflow
Libdwarf
NVD
CVSS 3.1
3.3
EPSS
0.2%