811 matches found
CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...
DEBIAN-CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
CVE-2018-18520
CVE-2018-18520 – elfutils (libelf): In elfutils up to v0.174, the function elf_end mishandles recursive ar files (eu-size/handle_ar in size.c) by closing the outer ar file before finishing inner entries, enabling an invalid memory access that can crash the application (denial of service). This is...
CVE-2018-18521
The CVE-2018-18521 issue is a confirmed vulnerability in elfutils: a Divide-by-Zero in arlib_add_symbols() (arlib.c) when processing crafted ELF files, caused by a mishandled zero sh_entsize. This can lead to denial of service (application crash). Affected upstream releases prior to fix include e...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
UBUNTU-CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...
PT-2018-3616 · Red Hat +5 · Elfutils +6
Name of the Vulnerable Software and Affected Versions: elfutils version 0.174 Description: The issue is related to a divide-by-zero vulnerability in the arlib add symbols function in arlib.c in elfutils. This vulnerability can be exploited by remote attackers to cause a denial of service, resulti...
PT-2018-3629 · Red Hat +5 · Elfutils +6
Name of the Vulnerable Software and Affected Versions: elfutils versions through 0.174 Description: The issue is related to an Invalid Memory Address Dereference in the elf end function in the libelf library of the elfutils package. This occurs because the handle ar function in size.c closes the...
Design/Logic Flaw
An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...
CVE-2018-18310
CVE-2018-18310 is an invalid memory address dereference in libdwfl/dwfl_segment_report_module.c of elfutils (through v0.174) that can cause a denial of service (application crash) when processing a crafted ELF file. Connected advisories confirm the issue and indicate that upstream fixes exist in ...
UBUNTU-CVE-2018-18310
An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...
PT-2019-1676 · Red Hat +5 · Elfutils +6
Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: An issue in the elf64 xlatetom function in libelf/elf32 xlatetom.c can cause a segmentation fault due to dwfl segment report module not checking whether the dyn data read from a core file is truncated. A...
Fedora Update for elfutils FEDORA-2018-1eec1f0d17
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 28 Update: elfutils-0.174-1.fc28
Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...