Rizin 缓冲区错误漏洞

Rizin is a free open source reverse engineering framework from the Rizin organization. It is used to analyze binaries, disassemble code, debug programs, as a forensic tool, as a command-line hex editor that can open disk files that can be scripted, etc. Rizin 0.3.1 and earlier versions have a...

Moderate: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

file security update

An update is available for file. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The file command is used to identify a particular file according to the type of...

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection

Cypress Solutions CTM-200 2.7.1 Root Remote OS Command Injection Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: 2.7.1.5659 2.0.5.3356-184 Summary: CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a...

Libelfin 注入漏洞

Libelfin is a C 11 library for reading ELF binaries and DWARFv4 debug information. linetable::linetable function of Libelfin 0.3 is vulnerable to a denial of service. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted ELF file causing a segmentation...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2020-1788)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : gdb (EulerOS-SA-2020-1788)

According to the version of the gdb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a...

Low: Red Hat Security Advisory: file security update

An update for file is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code execution

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or,...

GLSA-202003-31 : gdb: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-202003-31 gdb: Buffer overflow It was discovered that gdb didnt properly validate the ELF section sizes from input file. Impact : A remote attacker could entice a user to open a specially crafted ELF binary using gdb, possibly...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2019-2279)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.5.0 : gdb (EulerOS-SA-2020-1088)

According to the version of the gdb package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF...

EulerOS 2.0 SP3 : gdb (EulerOS-SA-2019-2584)

According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...

EulerOS 2.0 SP8 : gdb (EulerOS-SA-2019-2279)

According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...

EulerOS 2.0 SP5 : gdb (EulerOS-SA-2019-1965)

According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...

UBUNTU-CVE-2019-11190

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs such as /bin/su because installexeccreds is called too late in loadelfbinary in fs/binfmtelf.c, and thus the ptracemayaccess check has a race condition when reading /proc/pid/stat...

CVE-2018-6924

In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory...

The vulnerability of the `load_elf_binary` function in the Linux operating system’s kernel allows a hacker to execute arbitrary code.

The vulnerability of the loadelfbinary function in the Linux operating system’s kernel arises from the improper allocation of the address range for the binary file PIE. This occurs when the CONFIGARCHBINFMTELFRANDOMIZEPIE configuration option is enabled, and the usual strategy for allocating...

GLSA-201710-02 : file: Stack-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-201710-02 file: Stack-based buffer overflow An issue discovered in file allows attackers to write 20 bytes to the stack buffer via a specially crafted .notes section. Impact : A remote attacker, by using a specially crafted .notes...