The vulnerability of the elf64_xlatetom function in the elfutils package, which stems from the lack of checks for matching the expected data size with the actual data read from the dump file (core), allows attackers to trigger a service failure.

The vulnerability of the elf64xlatetom function in the libelf/elf32xlatetom.c file within the elfutils package is related to the lack of checks to ensure that the expected data size matches the actual data read from the dump file. Exploiting this vulnerability could allow an attacker to cause a...

The vulnerability of the elf_cvt_note() function in the ELF file modification and analysis utility Elfutils allows a attacker to cause a service failure.

The vulnerability of the elfcvtnote function in the Elfutils tool for modifying and analyzing binary ELF files is related to an attempt to copy negative data volumes. Exploiting this vulnerability could allow a perpetrator to cause service failures...

The vulnerability of the elf32_xlatetom function in the elfutils package, related to the possibility of the operation exceeding the buffer boundaries in memory, allows a hacker to trigger a service failure.

The vulnerability of the elf32xlatetom function in the libelf package within the elfutils suite is related to the possibility of the operation exceeding the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure due to a specially crafted E...

EulerOS Virtualization 2.5.3 : elfutils (EulerOS-SA-2019-1261)

According to the versions of the elfutils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is...

EulerOS 2.0 SP2 : elfutils (EulerOS-SA-2019-1109)

According to the versions of the elfutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to...

EulerOS 2.0 SP5 : elfutils (EulerOS-SA-2019-1133)

According to the versions of the elfutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to...

Debian DLA-1689-1 : elfutils security update

Several issues in elfutils, a collection of utilities to handle ELF objects, have been found either by fuzzing or by using an AddressSanitizer. CVE-2019-7665 Due to a heap-buffer-overflow problem in function elf32xlatetom a crafted ELF input can cause segmentation faults. CVE-2019-7150 Add sanity...

[SECURITY] [DLA 1689-1] elfutils security update

Package : elfutils Version : 0.159-4.2+deb8u1 CVE ID : CVE-2017-7608 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7149 CVE-2019-7150 CVE-2019-7665 Several issues in elfutils, a collection of utilities to handle ELF...

Debian: Security Advisory (DLA-1689-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 29 : elfutils (2019-44a9d99647)

New upstream release 0.176. Fixes CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150, CVE-2019-7664 and CVE-2019-7665. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically...

[SECURITY] Fedora 29 Update: elfutils-0.176-1.fc29

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

elfutils denial of service vulnerability (CNVD-2019-07028)

elfutils is a collection of utilities and libraries for reading, creating, and modifying ELF binaries, finding and manipulating DWARF debug data, symbols, thread states, and stack traces for processes and kernel files on GNU/Linux. A denial of service vulnerability exists in elfcvtnote in...

Buffer overflow

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

CVE-2019-7664

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

CVE-2019-7665

In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...

DEBIAN-CVE-2019-7664

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

UBUNTU-CVE-2019-7664

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

CVE-2019-7665

In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...

ALPINE-CVE-2019-7664

In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...

ALPINE-CVE-2019-7665

In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...