VDB
CVE-2019-14249
CVE-2019-14249
REJECTED
dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump.
EPSS 0.57% · 68.9th percentile
Risk Scores
EPSS Score
0.57%
68.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:24.04:LTS | dwarfutils | 0, 20210528-1, 20210528-1build1 |
| Ubuntu:25.04 | dwarfutils | 0 |
| Ubuntu:22.04:LTS | dwarfutils | 0, 20201201-1 |
Timeline
- Jul 24, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 5, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-14249 third-party-advisory
- https://sourceforge.net/p/libdwarf/code/merge-requests/4/ third-party-advisory
- https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba/tree/libdwarf/dwarf_elf_load_headers.c?diff=99e77c3894877a1dd80b82808d8309eded4e5599 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-14249 third-party-advisory
- https://github.com/davea42/libdwarf-code/commit/cb7198abde46c2ae29957ad460da6886eaa606ba third-party-advisory