{"schema_version":"1.7.2","id":"OESA-2022-1820","modified":"2022-08-11T11:04:07Z","published":"2022-08-11T11:04:07Z","upstream":["CVE-2020-27545","CVE-2020-28163"],"summary":"libdwarf security update","details":"Libdwarf is a library of functions to provide read/write DWARF debugging records.\r\n\r\nSecurity Fix(es):\r\n\r\nA flaw was found in libdwarf. A possible memory leak allows an attacker to input a specially crafted file, leading to a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-27545)\n\nA flaw was found in libdwarf. A possible null pointer dereference vulnerability allows an attacker to input a specially crafted file, leading to a crash. The highest threat from this vulnerability is to system availability.(CVE-2020-28163)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP3","name":"libdwarf","purl":"pkg:rpm/openEuler/libdwarf\u0026distro=openEuler-20.03-LTS-SP3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20210528-1.oe1"}]}],"ecosystem_specific":{"aarch64":["libdwarf-20210528-1.oe1.aarch64.rpm","libdwarf-debuginfo-20210528-1.oe1.aarch64.rpm","libdwarf-debugsource-20210528-1.oe1.aarch64.rpm","libdwarf-tools-20210528-1.oe1.aarch64.rpm","libdwarf-devel-20210528-1.oe1.aarch64.rpm"],"noarch":["libdwarf-help-20210528-1.oe1.noarch.rpm"],"src":["libdwarf-20210528-1.oe1.src.rpm"],"x86_64":["libdwarf-tools-20210528-1.oe1.x86_64.rpm","libdwarf-debuginfo-20210528-1.oe1.x86_64.rpm","libdwarf-devel-20210528-1.oe1.x86_64.rpm","libdwarf-20210528-1.oe1.x86_64.rpm","libdwarf-debugsource-20210528-1.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1820"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27545"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28163"}],"database_specific":{"severity":"Medium"}}