Vulnerability Details CVE-2020-24823
A vulnerability in the dwarf::to_string function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 49.2%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- https://github.com/aclements/libelfin/issues/51
- https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfto_string-at-dwarfvaluecc300
- https://github.com/aclements/libelfin/issues/51
- https://github.com/xiaoxiongwang/function_bugs/tree/master/libelfin#segv-in-function-dwarfto_string-at-dwarfvaluecc300
Products affected by CVE-2020-24823
-
cpe:2.3:a:libelfin_project:libelfin:0.3