87 matches found
EUVD-2019-16698
Malware in sbrugna...
EUVD-2025-31995
Malicious code in bioql PyPI...
CVE-2022-50450
Summary: CVE-2022-50450 concerns a heap‑based buffer overflow in the ELF handling of libbpf used by BPF loading in the Linux kernel context. The root cause, as described by connected sources, is the direct use of the ELF header field e_shnum to count section headers, which can overflow a heap whe...
Oracle Linux 7 : elfutils (ELSA-2019-2197)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2197 advisory. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1704754 0.176-1 - New upstream release 1676504 CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150...
SUSE CVE-2018-18520
An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handlear in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a...
The vulnerability of the libelf/elf_end.c component of the ELF modification and analysis utility Elfutils allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the libelf/elfend.c component of the ELF modification and analysis utility Elfutils involves a repeated memory release mechanism. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the elf_end function in the libelf library, a set of utilities for processing ELF objects, relates to the issue of allowing the output operation to be within acceptable data buffer limits. This vulnerability allows an attacker to cause a service failure.
The vulnerability of the elfend function in the libelf library is related to improper closure of the ar file. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...
Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-1109)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.3.0 : elfutils (EulerOS-SA-2019-2313)
According to the versions of the elfutils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and...
Denial Of Service (DoS)
elfutils is vulnerable to denial of service DoS. A failure to check the dyn data read by the dwflsegmentreportmodule causes a segmentation fault in elf64xlatetom in libelf/elf32xlatetom.c...
EulerOS 2.0 SP3 : elfutils (EulerOS-SA-2019-1281)
According to the versions of the elfutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An Invalid Memory Address Dereference exists in the function elfend in libelf in elfutils through v0.174. Although eu-size is intended to...
The vulnerability of the elf32_xlatetom function in the elfutils package, related to the possibility of the operation exceeding the buffer boundaries in memory, allows a hacker to trigger a service failure.
The vulnerability of the elf32xlatetom function in the libelf package within the elfutils suite is related to the possibility of the operation exceeding the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to trigger a service failure due to a specially crafted E...
[ASA-201903-9] libelf: denial of service
Arch Linux Security Advisory ASA-201903-9 ========================================= Severity: Medium Date : 2019-03-18 CVE-ID : CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664 CVE-2019-7665 Package : libelf Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-86...
CVE-2019-7665
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...
Heap overflow
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...
CVE-2019-7665
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...
Buffer overflow
In elfutils 0.175, a negative-sized memcpy is attempted in elfcvtnote in libelf/notexlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service program crash...
CVE-2019-7665
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...
CVE-2019-7665
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32xlatetom in elf32xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service program crash because eblcorenote does not reject malformed core file notes...
CVE-2019-7665
CVE-2019-7665 affects elfutils 0.175, where a heap-based buffer over-read in elf32_xlatetom.c (libelf) can trigger a crash/DoS when processing crafted ELF input, due to malformed core file notes not being rejected. Upstream remediation is in elfutils 0.176; several advisories (Arch Linux ASA-2019...