new packages: gcc-toolset-9-elfutils

An update is available for gcc-toolset-9-elfutils. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent version...

Amazon Linux 2 : elfutils (ALAS-2019-1337)

An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information. Function dwarfgetaranges in dwarfgetaranges.c does not properly check whether it reads beyond the limits of the ELF section. An attacker could use this flaw to cause a denial of service via a...

Low: elfutils

Issue Overview: An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information. Function dwarfgetaranges in dwarfgetaranges.c does not properly check whether it reads beyond the limits of the ELF section. An attacker could use this flaw to cause a denial of...

NewStart CGSL CORE 5.04 / MAIN 5.04 : elfutils Multiple Vulnerabilities (NS-SA-2019-0209)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has elfutils packages installed that are affected by multiple vulnerabilities: - dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer...

CVE-2019-7664

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

elfutils security update

CentOS Errata and Security Advisory CESA-2019:2197 An update for elfutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : elfutils (CESA-2019:2197)

An update for elfutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

Scientific Linux Security Update : elfutils on SL7.x x86_64 (20190806)

The following packages have been upgraded to a later upstream version: elfutils 0.176. Security Fixes : - elfutils: Heap-based buffer over-read in libdw/dwarfgetaranges.c:dwarfgetaranges via crafted file CVE-2018-16062 - elfutils: Double-free due to double decompression of sections in crafted ELF...

MGASA-2019-0222 Updated elfutils packages fix security vulnerabilities

It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service CVE-2017-7607, CVE-2017-7608, CVE-2017-7609,...

Updated elfutils packages fix security vulnerabilities

It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service CVE-2017-7607, CVE-2017-7608, CVE-2017-7609,...

elfutils security, bug fix, and enhancement update

0.176-2 - Add elfutils-0.176-xlate-note.patch 1704754 0.176-1 - New upstream release 1676504 CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150, CVE-2019-7664, CVE-2019-7665, CVE-2018-16062, CVE-2018-16402, CVE-2018-16403, CVE-2018-18310, CVE-2018-18521, CVE-2018-18520...

RHEL 7 : elfutils (RHSA-2019:2197)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2197 advisory. The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service DoS. It is due to an Out of bound write in elfcvtnote in libelf/notexlate.h...

Buffer Over-Read

The elfutils package is vulnerable to heap-based buffer over-read in libdw/dwarfgetaranges.c:dwarfgetaranges through a malicious file...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service. It is because the eu-size cannot handle recursive ar files...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service DoS. A failure to check the dyn data read by the dwflsegmentreportmodule causes a segmentation fault in elf64xlatetom in libelf/elf32xlatetom.c...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service DoS. It causes a double-free as it performs double decompression of sections when a malicious ELF is input, leading to an application crash...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service DoS. The attack is due to divide-by-zero error in the function arlibaddsymbols in arlib.c...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service DoS. It causes a heap-based buffer over-read in libdw/dwarfgetaranges.c:dwarfgetaranges via a malicious file...

Denial Of Service (DoS)

elfutils is vulnerable to denial of service DoS attack. The attack is due to a heap-based buffer over-read occured in the function readsrclines in dwarfgetsrclines.c in libdw in elfutils when an attacker passes a malicious input file...