CVE-2020-28163
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-28163
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28163.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-28163
- Related
- Published
- 2023-04-16T00:15:07Z
- Modified
- 2025-03-29T05:49:54.832909Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
libdwarf before 20201201 allows a dwarfprintlines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname.
- References
-
- https://github.com/davea42/libdwarf-code/commit/faf99408e3f9f706fc3809dd400e831f989778d3
- https://bugzilla.redhat.com/show_bug.cgi?id=2026000
- http://web.archive.org/web/20190601140703/https://sourceforge.net/projects/libdwarf/
- https://www.prevanders.net/dwarfbug.html#DW202010-003
- https://security-tracker.debian.org/tracker/CVE-2020-28163
Affected packages
Debian:11 / dwarfutils
Package
- Name
- dwarfutils
- Purl
- pkg:deb/debian/dwarfutils?arch=source
Debian:12 / dwarfutils
Package
- Name
- dwarfutils
- Purl
- pkg:deb/debian/dwarfutils?arch=source
Debian:13 / dwarfutils
Package
- Name
- dwarfutils
- Purl
- pkg:deb/debian/dwarfutils?arch=source
Git / github.com/davea42/libdwarf-code
Affected ranges
- Type
- GIT
- Repo
- https://github.com/davea42/libdwarf-code
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
Other
20110113
20110605
20110607
20110612
20110908
20111009
20111030
20111214
20120410
20121127
20121130
20130125
20130126
20130207
20130729
20130729-b
20140131
20140208
20140413
20140519
20140805
20150112
20150115
20150310
20150507
20150913
20150915
20151114
20160116
20160507
20160613
20160923
20160929
20161001
20161021
20161124
20170416
20170709
20180129
20180527
20180723
20180724
20180809
20181024
20190104
20190110
20190505
20190529
20191002
20191104
20200114
20200703
20200719
20200825
20201020