UBUNTU-CVE-2023-25523

NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service...

SUSE CVE-2004-0138

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service crash via a crafted ELF file with an interpreter with an invalid arch architecture, which triggers a BUG when an invalid VMA is unmapped...

SUSE CVE-2017-16828

The displaydebugframes function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service integer overflow and heap-based buffer over-read, and application crash or possibly have unspecified other impact via a crafted ELF file, related to printdebugframe...

SUSE CVE-2018-17358

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdstabsectionfindnearestline in syms.c. Attackers could leverage this vulnerability to cause a denial of service application crash via a crafted E...

SUSE CVE-2019-9073

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in bfdelfslurpversiontables in elf.c...

Qualcomm 芯片输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc. and are often manufactured on the surface of semiconductor wafers. The Qualcomm chip has a security vulnerability that stems from a transient...

PT-2023-13240 · Qualcomm · Snapdragon +14

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a transient denial-of-service in automotive systems, caused by improper input validation while parsing ELF files. There is no...

PT-2022-24621 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS version 2.0.1 Description: The issue allows for remote code execution when a crafted ELF file is parsed, due to a global overflow in the readelf component. Recommendations: For ToaruOS version 2.0.1, consider avoiding the use of reade...

Solana Rbpf 输入验证错误漏洞

Solana Rbpf is a Rust Virtual Machine and Jit compiler for Ebpf programs from the Solana Foundation in Switzerland. An input validation error vulnerability exists in Solana Rbpf versions 0.2.14 through 0.2.16, which stems from an integer overflow error in the call to the relocate function in...

DEBIAN-CVE-2020-24821

A vulnerability in the dwarf::cursor::skipform function of Libelfin v0.3 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted ELF file...

UBUNTU-CVE-2021-30500

Null pointer dereference was found in upx PackLinuxElf::canUnpack in plxelf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file...

binutils: denial of service via crafted ELF file

findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.

...

RetDec - A Retargetable Machine-Code Decompiler Based On LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code Supported architectures:...

elfutils heap buffer overread vulnerability

elfutils is a collection of utilities and libraries for reading, creating, and modifying ELF binaries, finding and manipulating DWARF debug data, symbols, thread states, and stack traces for processes and kernel files on GNU/Linux. A heap buffer over-read vulnerability exists in the elf32xlatetom...

DEBIAN-CVE-2019-7148

An attempted excessive memory allocation was discovered in the function readlongnames in elfbegin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers...

UBUNTU-CVE-2018-20002

The bfdgenericreadminisymbols function in syms.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service memory consumption, as demonstrated by nm...

binutils: NULL pointer dereference in swap_std_reloc_in function in aoutx.h resulting in crash

The swapstdrelocin function in aoutx.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service aout32swapstdrelocout NULL pointer dereference and application crash via a crafted ELF file, as demonstrated by...

GNU Binutils Binary File Descriptor library null pointer dereference vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

kernel: Integer overflow in Linux's create_elf_tables function

An integer overflow flaw was found in the Linux kernel's createelftables function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system...