485 matches found
Design/Logic Flaw
An invalid memory address dereference was discovered in dwflsegmentreportmodule.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by considernotes...
CVE-2018-18310
CVE-2018-18310 is an invalid memory address dereference in libdwfl/dwfl_segment_report_module.c of elfutils (through v0.174) that can cause a denial of service (application crash) when processing a crafted ELF file. Connected advisories confirm the issue and indicate that upstream fixes exist in ...
Fedora Update for elfutils FEDORA-2018-1eec1f0d17
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 28 Update: elfutils-0.174-1.fc28
Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...
[SECURITY] Fedora 29 Update: elfutils-0.174-1.fc29
Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...
CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...
CVE-2018-16402
libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...
Elfutils Buffer Overflow Vulnerability
elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A security vulnerability exists in elfutils version 0.173 in the 'dwarfgetabbrev' function of the dwarfgetabbrev.c file and the 'dwarfhasattr ' functions have a security vulnerability that stems...
Heap overflow
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...
CVE-2018-16402
libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...
DEBIAN-CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...
CVE-2018-16402
libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...
CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...
ALPINE-CVE-2018-16402
libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...
DEBIAN-CVE-2018-16402
libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...
CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...
CVE-2018-16402
CVE-2018-16402 affects elfutils (libelf/elf_end.c) where double decompression of sections can lead to a denial of service or application crash. Affected upstream version is 0.173. Public advisories confirm a remediation path: upgrade elfutils to newer releases (e.g., 0.176) across affected platfo...
CVE-2018-16403
CVE-2018-16403 affects elfutils 0.173. The vulnerability is a heap-based buffer over-read in libdw, specifically in dwarf_getabbrev.c and dwarf_hasattr.c, which can lead to an application crash when processing crafted files. The issue is confirmed by multiple advisories (e.g., RHSA-2019:2197; ALA...
CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...
CVE-2018-16402
libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...