CVE-2022-39170: Double Free

September 2, 2022 (updated November 9, 2023)

libdwarf 0.4.1 has a double free in _dwarf_exec_frame_instr in dwarf_frame.c.

References

github.com/davea42/libdwarf-code/commit/60303eb80ecc7747bf29776d545e2a5c5a76f6f8
github.com/davea42/libdwarf-code/issues/132
nvd.nist.gov/vuln/detail/CVE-2022-39170

Code Behaviors & Features

Detect and mitigate CVE-2022-39170 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →