CVE-2024-2002
- Source
- https://cve.org/CVERecord?id=CVE-2024-2002
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2002.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-2002
- Downstream
- Published
- 2024-03-18T12:26:31.386Z
- Modified
- 2026-05-12T04:13:05.519109Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Libdwarf: crashes randomly on fuzzed object
- Details
-
A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
- Database specific
{ "cwe_ids": [ "CWE-415" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/2xxx/CVE-2024-2002.json", "cna_assigner": "redhat" }- References
-
- https://access.redhat.com/downloads/content/package-browser/
- https://github.com/davea42/libdwarf-code/
- https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/
- https://access.redhat.com/security/cve/CVE-2024-2002
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/2xxx/CVE-2024-2002.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-2002
- https://bugzilla.redhat.com/show_bug.cgi?id=2267700
Affected packages
Git / github.com/davea42/libdwarf-code
Affected ranges
- Type
- GIT
- Repo
- https://github.com/davea42/libdwarf-code
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "cpe": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "source": "CPE_FIELD", "extracted_events": [ { "introduced": "0.1.0" }, { "fixed": "0.9.2" } ] }
Affected versions
Other
20110113
20110605
20110607
20110612
20110908
20111009
20111030
20111214
20120410
20121127
20121130
20130125
20130126
20130207
20130729
20130729-b
20140131
20140208
20140413
20140519
20140805
20150112
20150115
20150310
20150507
20150913
20150915
20151114
20160116
20160507
20160613
20160923
20160929
20161001
20161021
20161124
20170416
20170709
20180129
20180527
20180723
20180724
20180809
20181024
20190505
20190529
20191002
20191104
20200114
20200703
20200719
20200825
20201020
20201201
20210305
20210528
libdwarf-0.*
libdwarf-0.1.1
libdwarf-0.2.0
libdwarf-0.3.0
libdwarf-0.3.1
libdwarf-0.3.2
libdwarf-0.3.3
libdwarf-0.3.4
libdwarf-0.4.0
libdwarf-0.4.1
libdwarf-0.4.2
libdwarf-0.5.0
libdwarf-0.6.0
libdwarf-0.7.0
libdwarf-0.8.0-fixedtag
libdwarf-0.9.0
libdwarf-0.9.1
v0.*
v0.3.4
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.6.0
v0.7.0
v0.8.0
v0.8.0-fixedtag
v0.9.0
v0.9.1