Bugzilla – Bug 1223157
VUL-0: CVE-2024-31745: libdwarf: heap use-after-free via the dw_empty_errlist_item function at /libdwarf/dwarf_alloc.c
Last modified: 2024-06-12 13:40:50 UTC
Libdwarf v0.9.1 was discovered to contain a heap use-after-free via the dw_empty_errlist_item function at /libdwarf/dwarf_alloc.c.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-31745
https://www.cve.org/CVERecord?id=CVE-2024-31745
https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad
https://github.com/davea42/libdwarf-code/issues/238
Package libdwarf is affected in the following codestreams:
- openSUSE:Factory
Hmm, this fell through the cracks. I'll update the factory package.

I'm fairly reluctant to change anything for the SLE version. It's so old that a version update is right out of the question. The patch only touches a facility that didn't exist back then: it's a list of specially allocated error objects that were freed too early. In the old dwarf source base there is no such list at all, only a single item. Introducing that list also introduced a free-everything-in-the-list function, and _that_ is the one that accesses the already freed memory. The patch makes it so that already-freed objects are cleared from the list. None of that code exists in the old libdwarf without the static_errlist. So I think it's really not affected.

(As said, I'm going to update factory libdwarf)
Whoops, Dominique already updated libdwarf to 0.9.2, so this is fixed.
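The pattern described in the comment above (objects freed early must be cleared from the list so the free-everything function never touches them again), as an added C sketch that is not libdwarf's code or the upstream patch. The fixed-size pointer array and the names `err_new`, `err_free` and `errlist_free_all` are hypothetical.

```c
/* Added illustration; all names are hypothetical, not libdwarf's. */
#include <stdio.h>
#include <stdlib.h>
#define ERRLIST_MAX 8
struct err_obj { int code; };
static struct err_obj *errlist[ERRLIST_MAX]; /* registry of live error objects */
static int allocs, frees;                    /* bookkeeping for the final check */

/* Allocate an error object and record it in the first empty slot. */
struct err_obj *err_new(int code) {
    for (int i = 0; i < ERRLIST_MAX; i++) {
        if (errlist[i] != NULL) continue;
        struct err_obj *e = malloc(sizeof *e);
        if (e == NULL) return NULL;
        e->code = code;
        errlist[i] = e;
        allocs++;
        return e;
    }
    return NULL; /* registry full */
}

/* Free one object early. Clearing its slot first is the step that keeps
 * errlist_free_all() from reading or freeing the stale pointer later. */
void err_free(struct err_obj *e) {
    if (e == NULL) return;
    for (int i = 0; i < ERRLIST_MAX; i++)
        if (errlist[i] == e) errlist[i] = NULL;
    free(e);
    frees++;
}

/* Free everything still registered; returns how many objects it freed. */
int errlist_free_all(void) {
    int n = 0;
    for (int i = 0; i < ERRLIST_MAX; i++) {
        if (errlist[i] == NULL) continue; /* already released individually */
        free(errlist[i]);
        errlist[i] = NULL;
        frees++; n++;
    }
    return n;
}

int main(void) {
    struct err_obj *a = err_new(1);
    err_new(2);
    err_free(a); /* early free of one object */
    printf("freed at teardown: %d\n", errlist_free_all());
    return (allocs == frees) ? 0 : 1; /* every allocation freed exactly once */
}
```

Building this with `-fsanitize=address` and removing the slot-clearing line in `err_free` makes the teardown loop report the stale pointer.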