CVE-2018-16402

libelf/elfend.c in elfutils 0.173 allows remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact because it tries to decompress twice...

CVE-2018-16403

libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...

CVE-2018-16062

An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information. Function dwarfgetaranges in dwarfgetaranges.c does not properly check whether it reads beyond the limits of the ELF section. An attacker could use this flaw to cause a denial of service via a...

DEBIAN-CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

CVE-2018-16062

CVE-2018-16062 affects elfutils (libdw/dwarf_getaranges.c) where the function dwarf_getaranges() can read beyond ELF section limits, allowing a crafted file to cause a denial of service via a heap-based buffer over-read. Public advisories and vendor notes link this to elfutils releases prior to 2...

CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

elfutils denial of service vulnerability

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. libdw is one of these libraries. A security vulnerability exists in the 'dwarfgetaranges' function in the dwarfgetaranges.c file of libdw in versions of elfutils prior to 2018-08-18. A remote...

UBUNTU-CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

PT-2018-3618 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils versions prior to 2018-08-18 Description: The issue is related to a buffer over-read in the dwarf getaranges function in dwarf getaranges.c of the Elfutils utility set for processing ELF objects. This can be exploited by a remote...

PT-2018-3617 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.173 Description: The issue is related to incorrect checking of the end of the attributes list in the libdw library of the elfutils package, specifically in the dwarf getabbrev function in dwarf getabbrev.c and the dwarf...

PT-2018-3828 · Red Hat +4 · Elfutils +5

Name of the Vulnerable Software and Affected Versions: elfutils version 0.173 Description: The issue is related to a double free error in the libelf/elf end.c component of the elfutils utility, which is used for modifying and analyzing ELF binary files. This error can be exploited by a remote...

Fedora Update for elfutils FEDORA-2018-f91531043d

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: elfutils-0.171-1.fc28

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

Ubuntu 14.04 LTS / 16.04 LTS : elfutils vulnerabilities (USN-3670-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3670-1 advisory. Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into...

Ubuntu: Security Advisory (USN-3670-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3670-1 elfutils vulnerabilities

Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service...