A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.
Fixes

Solution

No solution given by the vendor.


Workaround

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

History

Wed, 09 Apr 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Fedoraproject
Fedoraproject fedora
Libdwarf Project
Libdwarf Project libdwarf
CPEs cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Vendors & Products Fedoraproject
Fedoraproject fedora
Libdwarf Project
Libdwarf Project libdwarf

Fri, 22 Nov 2024 12:00:00 +0000


Sat, 28 Sep 2024 03:45:00 +0000


Sat, 28 Sep 2024 03:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-08-30T08:55:57.263Z

Reserved: 2024-02-29T08:38:25.706Z

Link: CVE-2024-2002

cve-icon Vulnrichment

Updated: 2024-08-01T18:56:22.520Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-18T13:15:07.657

Modified: 2025-04-09T15:36:37.840

Link: CVE-2024-2002

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-02-17T00:00:00Z

Links: CVE-2024-2002 - Bugzilla

cve-icon OpenCVE Enrichment

No data.