CVE-2022-32200

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-32200
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-32200.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-32200
Downstream
Related
Published
2022-06-02T14:16:01Z
Modified
2025-09-16T07:24:24.098433Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

libdwarf 0.4.0 has a heap-based buffer over-read in dwarfcheckstringvalid in dwarf_util.c.

References

Affected packages

Debian:11 / dwarfutils

Package

Name
dwarfutils
Purl
pkg:deb/debian/dwarfutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

Other

20201201-1
20210528-1

1:0.*

1:0.11.1-1~exp1
1:0.11.1-1~exp2
1:0.11.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / dwarfutils

Package

Name
dwarfutils
Purl
pkg:deb/debian/dwarfutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

Other

20210528-1

1:0.*

1:0.11.1-1~exp1
1:0.11.1-1~exp2
1:0.11.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / dwarfutils

Package

Name
dwarfutils
Purl
pkg:deb/debian/dwarfutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.11.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / dwarfutils

Package

Name
dwarfutils
Purl
pkg:deb/debian/dwarfutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.11.1-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/davea42/libdwarf-code

Affected ranges

Type
GIT
Repo
https://github.com/davea42/libdwarf-code
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
8151575a6ace77d005ca5bb5d71c1bfdba3f7069

Affected versions

Other

20110113
20110605
20110607
20110612
20110908
20111009
20111030
20111214
20120410
20121127
20121130
20130125
20130126
20130207
20130729
20130729-b
20140131
20140208
20140413
20140519
20140805
20150112
20150115
20150310
20150507
20150913
20150915
20151114
20160116
20160507
20160613
20160923
20160929
20161001
20161021
20161124
20170416
20170709
20180129
20180527
20180723
20180724
20180809
20181024
20190104
20190110
20190505
20190529
20191002
20191104
20200114
20200703
20200719
20200825
20201020
20201201
20210305
20210528

libdwarf-0.*

libdwarf-0.1.1
libdwarf-0.2.0
libdwarf-0.3.0
libdwarf-0.3.1
libdwarf-0.3.2
libdwarf-0.3.3
libdwarf-0.3.4
libdwarf-0.4.0

v0.*

v0.3.4
v0.4.0

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2022-32200-77371b43",
            "deprecated": false,
            "source": "https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069",
            "signature_type": "Function",
            "target": {
                "file": "src/lib/libdwarf/dwarf_global.c",
                "function": "_dwarf_internal_get_pubnames_like_data"
            },
            "signature_version": "v1",
            "digest": {
                "function_hash": "180134011860476916741727590627653524462",
                "length": 6497.0
            }
        },
        {
            "id": "CVE-2022-32200-96e76880",
            "deprecated": false,
            "source": "https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069",
            "signature_type": "Line",
            "target": {
                "file": "src/lib/libdwarf/dwarf_global.c"
            },
            "signature_version": "v1",
            "digest": {
                "line_hashes": [
                    "105452472307704943989628825587070833665",
                    "318010844446550855911117167534947273534",
                    "232956743512814284022582453262001133788",
                    "66376023381154250859184221919304176901",
                    "315282769935730402221788470433923486467",
                    "334521993224221255669728676640307087683",
                    "99233554693935238173537459353427327200",
                    "104030429930485110275811868671859879413",
                    "93001142976008720083791221038502107346",
                    "19028682389115033801921731463655431512",
                    "66652464949448767028211943453364736848",
                    "289595022467853742479892745732121572232",
                    "30086007497845496170573473888063801656",
                    "313679785871146910055858506277493303658",
                    "108924846109711695785226287105189968234",
                    "191248088806397029796208288639914013871",
                    "232795120665924206972521398381405667476",
                    "326615293463766354548818522539543954245",
                    "145856008601471662483693570260351725116",
                    "148410663626131732622167948584749532227",
                    "70206371186490335491615876815479259072",
                    "280450742140493662865735614323153289325",
                    "120033726953093145825595891087998670718",
                    "166589602757590722227781022336663464585",
                    "23646741518148293911789250102547666370",
                    "258083991025931596541238964486816693366",
                    "183654469208859632018114676421777959121",
                    "4231038119223413661969814379532751690"
                ],
                "threshold": 0.9
            }
        }
    ]
}