{"id":"CVE-2022-32200","details":"libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c.","modified":"2026-04-12T02:56:54.932406Z","published":"2022-06-02T14:16:01.167Z","related":["openSUSE-SU-2024:12134-1"],"references":[{"type":"ADVISORY","url":"https://www.prevanders.net/dwarfbug.html"},{"type":"REPORT","url":"https://github.com/davea42/libdwarf-code/issues/116"},{"type":"FIX","url":"https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/davea42/libdwarf-code","events":[{"introduced":"0"},{"last_affected":"6993512b8c1ebb1a52b91def4557d67eba79cfa4"},{"fixed":"8151575a6ace77d005ca5bb5d71c1bfdba3f7069"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.4.0"}]}}],"versions":["20110113","20110605","20110607","20110612","20110908","20111009","20111030","20111214","20120410","20121127","20121130","20130125","20130126","20130207","20130729","20130729-b","20140131","20140208","20140413","20140519","20140805","20150112","20150115","20150310","20150507","20150913","20150915","20151114","20160116","20160507","20160613","20160923","20160929","20161001","20161021","20161124","20170416","20170709","20180129","20180527","20180723","20180724","20180809","20181024","20190505","20190529","20191002","20191104","20200114","20200703","20200719","20200825","20201020","20201201","20210305","20210528","libdwarf-0.1.1","libdwarf-0.2.0","libdwarf-0.3.0","libdwarf-0.3.1","libdwarf-0.3.2","libdwarf-0.3.3","libdwarf-0.3.4","libdwarf-0.4.0","v0.3.4","v0.4.0"],"database_specific":{"vanir_signatures_modified":"2026-04-12T02:56:54Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-32200.json","vanir_signatures":[{"deprecated":false,"target":{"file":"src/lib/libdwarf/dwarf_global.c","function":"_dwarf_internal_get_pubnames_like_data"},"signature_version":"v1","source":"https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069","digest":{"length":6497,"function_hash":"180134011860476916741727590627653524462"},"id":"CVE-2022-32200-77371b43","signature_type":"Function"},{"deprecated":false,"target":{"file":"src/lib/libdwarf/dwarf_global.c"},"signature_version":"v1","source":"https://github.com/davea42/libdwarf-code/commit/8151575a6ace77d005ca5bb5d71c1bfdba3f7069","digest":{"line_hashes":["105452472307704943989628825587070833665","318010844446550855911117167534947273534","232956743512814284022582453262001133788","66376023381154250859184221919304176901","315282769935730402221788470433923486467","334521993224221255669728676640307087683","99233554693935238173537459353427327200","104030429930485110275811868671859879413","93001142976008720083791221038502107346","19028682389115033801921731463655431512","66652464949448767028211943453364736848","289595022467853742479892745732121572232","30086007497845496170573473888063801656","313679785871146910055858506277493303658","108924846109711695785226287105189968234","191248088806397029796208288639914013871","232795120665924206972521398381405667476","326615293463766354548818522539543954245","145856008601471662483693570260351725116","148410663626131732622167948584749532227","70206371186490335491615876815479259072","280450742140493662865735614323153289325","120033726953093145825595891087998670718","166589602757590722227781022336663464585","23646741518148293911789250102547666370","258083991025931596541238964486816693366","183654469208859632018114676421777959121","4231038119223413661969814379532751690"],"threshold":0.9},"id":"CVE-2022-32200-96e76880","signature_type":"Line"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}