CVE-2024-2002

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-2002
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2002.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-2002
Downstream
Published
2024-03-18T13:15:07.657Z
Modified
2026-04-09T09:54:52.622191Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.

References

Affected packages

Git / github.com/davea42/libdwarf-code

Affected ranges

Type
GIT
Repo
https://github.com/davea42/libdwarf-code
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
5e43a5ab73cb00c8a46660b361366a8c9c3c93c9
Database specific 
{
    "versions": [
        {
            "introduced": "0.1.0"
        },
        {
            "fixed": "0.9.2"
        }
    ]
}

Affected versions

Other
20110113
20110605
20110607
20110612
20110908
20111009
20111030
20111214
20120410
20121127
20121130
20130125
20130126
20130207
20130729
20130729-b
20140131
20140208
20140413
20140519
20140805
20150112
20150115
20150310
20150507
20150913
20150915
20151114
20160116
20160507
20160613
20160923
20160929
20161001
20161021
20161124
20170416
20170709
20180129
20180527
20180723
20180724
20180809
20181024
20190505
20190529
20191002
20191104
20200114
20200703
20200719
20200825
20201020
20201201
20210305
20210528
libdwarf-0.*
libdwarf-0.1.1
libdwarf-0.2.0
libdwarf-0.3.0
libdwarf-0.3.1
libdwarf-0.3.2
libdwarf-0.3.3
libdwarf-0.3.4
libdwarf-0.4.0
libdwarf-0.4.1
libdwarf-0.4.2
libdwarf-0.5.0
libdwarf-0.6.0
libdwarf-0.7.0
libdwarf-0.8.0-fixedtag
libdwarf-0.9.0
libdwarf-0.9.1
v0.*
v0.3.4
v0.4.0
v0.4.1
v0.4.2
v0.5.0
v0.6.0
v0.7.0
v0.8.0
v0.8.0-fixedtag
v0.9.0
v0.9.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-2002.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "40"
            }
        ]
    }
]