[SECURITY] Fedora 28 Update: elfutils-0.174-5.fc28

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

[SECURITY] Fedora 29 Update: elfutils-0.174-5.fc29

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

PT-2019-1674 · Red Hat +2 · Elfutils +2

Name of the Vulnerable Software and Affected Versions: elfutils versions 0.174 Description: The issue is related to the function read long names in the elfutils utility for modifying and analyzing ELF binary files. It involves excessive memory allocation, which can be exploited by remote attacker...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0194

An update of 'elfutils', 'glib', 'rpm' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2018-0194

Updates of 'glib', 'rpm', 'elfutils' packages of Photon OS have been released...

CVE-2018-18310

An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...

elfutils denial of service vulnerability (CNVD-2018-21505)

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A security vulnerability in the 'elfend' function of libelf in elfutils 0.174 and earlier stems from the fact that while eu-size is used to process ar files within ar files, before failing to...

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

Design/Logic Flaw

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

CVE-2018-18521

Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...

DEBIAN-CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

CVE-2018-18521

Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...

CVE-2018-18520

CVE-2018-18520 – elfutils (libelf): In elfutils up to v0.174, the function elf_end mishandles recursive ar files (eu-size/handle_ar in size.c) by closing the outer ar file before finishing inner entries, enabling an invalid memory access that can crash the application (denial of service). This is...

CVE-2018-18521

The CVE-2018-18521 issue is a confirmed vulnerability in elfutils: a Divide-by-Zero in arlib_add_symbols() (arlib.c) when processing crafted ELF files, caused by a mishandled zero sh_entsize. This can lead to denial of service (application crash). Affected upstream releases prior to fix include e...

CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

CVE-2018-18521

Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...

UBUNTU-CVE-2018-18520

An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...

PT-2018-3616 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.174 Description: The issue is related to a divide-by-zero vulnerability in the arlib add symbols function in arlib.c in elfutils. This vulnerability can be exploited by remote attackers to cause a denial of service, resulti...

PT-2018-3629 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils versions through 0.174 Description: The issue is related to an Invalid Memory Address Dereference in the elf end function in the libelf library of the elfutils package. This occurs because the handle ar function in size.c closes the...