Important Photon OS Security Update - PHSA-2019-0204

Updates of 'fuse', 'elfutils' packages of Photon OS have been released...

PT-2019-1675 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: A heap-based buffer over-read was discovered in the read srclines function in dwarf getsrclines.c in libdw in elfutils. This issue can be exploited by a crafted input, causing segmentation faults and leadin...

Arbitrary File Write

elfutils is vulnerable to arbitrary file write attacks. The vulnerability exists as a directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a craft...

PT-2019-1678 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: A heap-based buffer over-read was discovered in the elf32 xlatetom function in libelf. This issue can be triggered by a crafted ELF input, causing a segmentation fault that leads to a denial of service...

[ASA-201901-3] elfutils: denial of service

Arch Linux Security Advisory ASA-201901-3 ========================================= Severity: Medium Date : 2019-01-08 CVE-ID : CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 Package : elfutils Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-785 Summary ======= The...

Fedora 29 : elfutils (2018-32c8599fe1)

Fixes CVE-2018-16062, CVE-2018-16402 and CVE-2018-16403. unstrip: Handle SHTGROUP sections. strip: Handle mixed out of order allocated/non-allocated sections. elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits suid on rewrite. libelf,...

Fedora 28 : elfutils (2018-f91531043d)

DWARF5 and split dwarf, including GNU DebugFission, support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...

Fedora 28 : elfutils (2018-1eec1f0d17)

Fixes CVE-2018-16062, CVE-2018-16402 and CVE-2018-16403. unstrip: Handle SHTGROUP sections. strip: Handle mixed out of order allocated/non-allocated sections. elfcompress: Don't rewrite input file if no section data needs updating. Try harder to keep same file mode bits suid on rewrite. libelf,...

The vulnerability of the libdwfl library in the ELF Elfutils utility for modifying and analyzing binary files allows a attacker to cause a service failure.

The vulnerability of the libdwfl library’s dwflsegmentreportmodule.c file, a tool for modifying and analyzing binary ELF files, is due to a buffer overflow segmentation fault. Exploiting this vulnerability could allow an attacker to cause a service failure by using a specially created ELF file...

Fedora Update for elfutils FEDORA-2018-cb25ae4b94

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: elfutils-0.174-5.fc28

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

[SECURITY] Fedora 29 Update: elfutils-0.174-5.fc29

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

PT-2019-1674 · Red Hat +2 · Elfutils +2

Name of the Vulnerable Software and Affected Versions: elfutils versions 0.174 Description: The issue is related to the function read long names in the elfutils utility for modifying and analyzing ELF binary files. It involves excessive memory allocation, which can be exploited by remote attacker...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0194

An update of 'elfutils', 'glib', 'rpm' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2018-0194

Updates of 'glib', 'rpm', 'elfutils' packages of Photon OS have been released...

CVE-2018-18521

Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...

CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

elfutils denial of service vulnerability (CNVD-2018-21505)

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A security vulnerability in the 'elfend' function of libelf in elfutils 0.174 and earlier stems from the fact that while eu-size is used to process ar files within ar files, before failing to...

Design/Logic Flaw

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...