RHEL 8 : elfutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - elfutils: Double-free due to double decompression of sections in crafted ELF causes crash CVE-2018-16402 ...

Oracle Linux 7 : elfutils (ELSA-2019-2197)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2197 advisory. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1704754 0.176-1 - New upstream release 1676504 CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150...

SUSE CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

SUSE: Security Advisory (SUSE-SU-2022:2614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : dwarves and elfutils (SUSE-SU-2022:2614-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2614-1 advisory. - The handlegnuhash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of servi...

[SECURITY] [DLA 2802-1] elfutils security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2802-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk October 30, 2021 https://wiki.debian.org/LTS -...

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2020-1448)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-2141)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-2313)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.3.0 : elfutils (EulerOS-SA-2019-2313)

According to the versions of the elfutils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and...

Low: elfutils

Issue Overview: An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information. Function dwarfgetaranges in dwarfgetaranges.c does not properly check whether it reads beyond the limits of the ELF section. An attacker could use this flaw to cause a denial of...

NewStart CGSL CORE 5.04 / MAIN 5.04 : elfutils Multiple Vulnerabilities (NS-SA-2019-0209)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has elfutils packages installed that are affected by multiple vulnerabilities: - dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer...

elfutils security update

CentOS Errata and Security Advisory CESA-2019:2197 An update for elfutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : elfutils (CESA-2019:2197)

An update for elfutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Scientific Linux Security Update : elfutils on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: elfutils 0.176. Security Fixes : - elfutils: Heap-based buffer over-read in libdw/dwarfgetaranges.c:dwarfgetaranges via crafted file CVE-2018-16062 - elfutils: Double-free due to double decompression of sections in crafted ELF...

openSUSE: Security Advisory for elfutils (openSUSE-SU-2019:1590-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLED15 / SLES15 Security Update : elfutils (SUSE-SU-2019:1486-1)

This update for elfutils fixes the following issues : Security issues fixed : CVE-2017-7607: Fixed a heap-based buffer overflow in handlegnuhash bsc1033084 CVE-2017-7608: Fixed a heap-based buffer overflow in eblobjectnotetypename bsc1033085 CVE-2017-7609: Fixed a memory allocation failure in...

Photon OS 1.0: Elfutils PHSA-2018-1.0-0194

An update of the elfutils package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0194. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 28 : elfutils (2018-1eec1f0d17)

Fixes CVE-2018-16062, CVE-2018-16402 and CVE-2018-16403. unstrip: Handle SHTGROUP sections. strip: Handle mixed out of order allocated/non-allocated sections. elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits suid on rewrite. libelf,...

Fedora 29 : elfutils (2018-32c8599fe1)

Fixes CVE-2018-16062, CVE-2018-16402 and CVE-2018-16403. unstrip: Handle SHTGROUP sections. strip: Handle mixed out of order allocated/non-allocated sections. elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits suid on rewrite. libelf,...