CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

PT-2018-3617 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.173 Description: The issue is related to incorrect checking of the end of the attributes list in the libdw library of the elfutils package, specifically in the dwarf getabbrev function in dwarf getabbrev.c and the dwarf...