A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 22.4R1-S2, 22.4R2 |