87 matches found
CVE-2016-10255
The libelfsetrawdatawrlock function in elfgetdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service crash via a crafted 1 shoff or 2 shsize ELF header value, which triggers a memory allocation failure...
CVE-2016-10255
Elfutils: CVE-2016-10255 affects the __libelf_set_rawdata_wrlock path in elf_getdata.c, where crafted sh_off/sh_size ELF header values can trigger a memory allocation failure and crash. This corresponds to memory allocation issues that enable a Denial of Service via a crafted ELF file. Affected p...
CVE-2016-10255
The libelfsetrawdatawrlock function in elfgetdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service crash via a crafted 1 shoff or 2 shsize ELF header value, which triggers a memory allocation failure...
CVE-2016-10255
The libelfsetrawdatawrlock function in elfgetdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service crash via a crafted 1 shoff or 2 shsize ELF header value, which triggers a memory allocation failure...
elfutils: directory traversal in read_long_names()
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
Mandriva Linux Security Advisory : elfutils (MDVSA-2015:104)
Updated elfutils packages fix security vulnerabilities : The libdw library provides support for accessing DWARF debugging information inside ELF files. An integer overflow flaw in checksection, leading to a heap-based buffer overflow, was found in the libdw library. A malicious ELF file could cau...
elfutils: directory traversal
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
Directory traversal vulnerability in the readlongnames function in libelf/elfbegin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / slash in a crafted archive, as demonstrated using the ar program...
CVE-2014-9447
ELF utilities (elfutils) vulnerable in versions 0.152 and 0.161 due to a directory traversal in libelf/elf_begin.cread_long_names that lets remote attackers write to arbitrary files in the root directory via a crafted archive (ar). Impact is ability to modify files on the root; remediation is upd...
elfutils '/libelf/elf_begin.c' directory traversal vulnerability
Elfutils contains a series of tools for creating, modifying, and analyzing binary files. The elfutils '/libelf/elfbegin.c' suffers from a directory traversal vulnerability because it fails to adequately filter user-supplied input. A remote attacker could use a specially crafted request with a...
openSUSE Security Update : elfutils (openSUSE-SU-2014:0974-1)
Fix integer overflow in checksection CVE-2014-0172, bnc872785 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-491. The text description of this plugin is C SUSE LLC...
DEBIAN-CVE-2013-2196
Multiple unspecified vulnerabilities in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195...
DEBIAN-CVE-2013-2194
Multiple integer overflows in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel...
CVE-2013-2194
Multiple integer overflows in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel...
CVE-2013-2196
Multiple unspecified vulnerabilities in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195...
Code injection
Multiple unspecified vulnerabilities in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "other problems" that are not CVE-2013-2194 or CVE-2013-2195...
CVE-2013-2194
Multiple integer overflows in the Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel...
CVE-2013-2196
The CVE-2013-2196 entry is confirmed with concrete details in connected records: Xen hypervisor 4.2.x and earlier uses the Elf parser (libelf) and contains multiple unspecified vulnerabilities that allow local guest administrators with certain permissions to trigger an impact via a crafted kernel...