485 matches found
CVE-2017-7609
elfcompress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...
CVE-2017-7608
Technical details about CVE-2017-7608 are not publicly provided in the supplied Connected documents. The initial description notes a heap-based read in ebl_object_note_type_name but no further details or remediation in these sources.
CVE-2017-7610
CVE-2017-7610 refers to a vulnerability in elfutils 0.168 where the check_group function in elflint.c can be triggered by a crafted ELF file to cause a heap-based buffer over-read and application crash. The initial description states the vulnerability and impact; no connected documents provide ad...
CVE-2017-7612
CVE-2017-7612 affects Elfutils (elflint.c) with a heap-based buffer over-read in check_sysv_hash, enabling a crafted ELF file to cause a denial of service (application crash). The connected IBM CVE list confirms the same root cause and impact framing for Elfutils; no additional product/version de...
CVE-2017-7613
CVE-2017-7613 affects Elfutils 0.168. The vulnerability arises from memory allocation failure in elflint.c when opening a crafted ELF file, leading to denial of service via memory exhaustion. Affected product: Elfutils (version 0.168). Root cause: insufficient validation of number of sections/seg...
CVE-2017-7610
The checkgroup function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-7608
The eblobjectnotetypename function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-7607
The handlegnuhash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
PT-2017-17839 · Red Hat +3 · Elfutils +3
Name of the Vulnerable Software and Affected Versions: elfutils version 0.168 Description: The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted ELF file. This is due to the ebl object note type name functio...
PT-2017-17840 · Red Hat +3 · Elfutils +3
Name of the Vulnerable Software and Affected Versions: elfutils version 0.168 Description: The issue is related to the elf compress.c file in elfutils, which does not validate the zlib compression factor. This allows remote attackers to cause a denial of service, specifically memory consumption, ...
UBUNTU-CVE-2017-7613
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...
UBUNTU-CVE-2017-7610
The checkgroup function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-7611
The checksymtabshndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
CVE-2017-7610
The checkgroup function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
UBUNTU-CVE-2017-7612
The checksysvhash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...
elfutils 'allocate_elf' function denial of service vulnerability
elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A denial of service vulnerability exists in the 'allocateelf' function in the common.h file of elfutils. A remote attacker could use this vulnerability to build special ELF files to crash an...
elfutils '__libelf_set_rawdata_wrlock' function denial of service vulnerability
elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A denial of service vulnerability exists in the libelfsetrawdatawrlock function in elfutils's elfgetdata.c. A remote attacker could use this vulnerability to cause a denial of service via a...
CVE-2016-10254
The allocateelf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service crash via a crafted ELF file, which triggers a memory allocation failure...
Design/Logic Flaw
The allocateelf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service crash via a crafted ELF file, which triggers a memory allocation failure...
CVE-2016-10255
The libelfsetrawdatawrlock function in elfgetdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service crash via a crafted 1 shoff or 2 shsize ELF header value, which triggers a memory allocation failure...