CVE-2024-2002

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

References

Affected packages

Git / github.com/aio-libs/aiohttp

Affected ranges

Type: GIT
Repo: https://github.com/aio-libs/aiohttp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

5f2b2c0d9f4c9ba97d29057b833edd110d2d22b1

Affected versions

0.*

0.8.2

v.*

v.0.6.5

v0.*

v0.1

v0.2

v0.3

v0.4

v0.4.1

v0.4.2

v0.5.0

v0.6.1

v0.6.2

v0.6.3

v0.6.4

v0.7.0

v0.7.1

v0.7.2

v0.7.3

v0.8.0

v0.8.1

v0.8.3

v0.8.4

v0.9.0

v0.9.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2002.json"

Git / gitlab.com/gnutls/gnutls

Affected ranges

Type: GIT
Repo: https://gitlab.com/gnutls/gnutls
Events: Introduced

a60b67632e088994fb6a708b83187ec3a9906ac2

Fixed

a60f0d1512557a407fdc8acd7a91d8b0a3b91d70

Affected versions

Other

gnutls-0-1-0-srp

gnutls-0_1_2

gnutls_0_1_4

gnutls_0_1_9

gnutls_0_2_0

gnutls_0_2_1

gnutls_0_2_10

gnutls_0_2_11

gnutls_0_2_2

gnutls_0_2_3

gnutls_0_2_4

gnutls_0_2_9

gnutls_0_2_90

gnutls_0_2_91

gnutls_0_3_0

gnutls_0_3_1

gnutls_0_3_2

gnutls_0_3_90

gnutls_0_3_91

gnutls_0_3_92

gnutls_0_4_0

gnutls_0_4_1

gnutls_0_4_2

gnutls_0_4_3

gnutls_0_4_with_libtasn1

gnutls_0_5_0

gnutls_0_5_1

gnutls_0_5_10

gnutls_0_5_11

gnutls_0_5_4

gnutls_0_5_5

gnutls_0_5_6

gnutls_0_5_7

gnutls_0_5_8

gnutls_0_5_9

gnutls_0_5_x_before_export_ciphersuites

gnutls_0_5_x_before_int_fixes

gnutls_0_5_x_before_types_change

gnutls_0_5_x_with_export_ciphersuites

gnutls_0_6_0

gnutls_0_8_0

gnutls_0_8_1

gnutls_0_9_1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2002.json"