The vulnerability in the displaydebug_section function of the readelf.c component of the GNU Binutils development environment allows a attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the displaydebugsection function in the readelf.c component of the GNU Binutils development environment is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause...

OESA-2025-1179 elfutils security update

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

SUSE CVE-2025-1372

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dumpdatasection/printstringsection of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to b...

DEBIAN-CVE-2025-1371

A vulnerability has been found in GNU elfutils 0.192 and classified as problematic. This vulnerability affects the function handledynamicsymtab of the file readelf.c of the component eu-read. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has...

PT-2025-6895

Name of the Vulnerable Software and Affected Versions: GNU elfutils version 0.192 Description: A critical issue was found in GNU elfutils. This affects the process symtab function of the readelf.c file in the eu-readelf component. The manipulation of the D/a argument leads to a buffer overflow...

The vulnerability in the `print_gnu_property_note` function of the `readelf.c` component of the GNU Binutils development environment allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the printgnupropertynote function in the readelf.c component of the GNU Binutils development environment is related to integer overflow. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability in the `loaddebugsection` function of the `readelf.c` component of the GNU Binutils development environment allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the loaddebugsection function in the readelf.c component of the GNU Binutils development environment is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its...

PT-2022-24622 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS version 2.0.1 Description: The issue concerns arbitrary address read vulnerabilities in the readelf component of ToaruOS when it parses a crafted ELF file. Recommendations: For ToaruOS version 2.0.1, at the moment, there is no...

PT-2022-24621 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS version 2.0.1 Description: The issue allows for remote code execution when a crafted ELF file is parsed, due to a global overflow in the readelf component. Recommendations: For ToaruOS version 2.0.1, consider avoiding the use of reade...

file: out-of-bounds read via a crafted ELF file

The docorenote function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted ELF file...

DEBIAN-CVE-2014-9653

readelf.c in file before 5.22, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not consider that pread calls sometimes read only a subset of the available data, which allows remote attackers to cause a denial of service uninitialized memor...