Lucene search

19 matches found

RedhatCVE
added 2 days ago · 5 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab...

CVSS 5.5 · AI score 5.5 · EPSS 0.00018
Exploits 0 · References 1
Debian CVE
added 2026/05/01 5:51 p.m. · 2 views

CVE-2026-21996

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab...

CVSS 5.5 · AI score 5.8 · EPSS 0.00018
Exploits 0
EUVD
added 2026/05/01 5:51 p.m. · 2 views

EUVD-2026-26700

An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab...

CVSS 3.3 · AI score 5.8 · EPSS 0.00018
Exploits 0 · References 1
CVE
added 2026/05/01 5:51 p.m. · 6 views

CVE-2026-21996

CVE-2026-21996 affects dtrace: an unprivileged, local attacker can trigger a crash in the dtrace process by feeding a malicious ELF binary, caused by an integer Divide-by-Zero in Pbuild_file_symtab(). Several advisories (e.g., Oracle ELSA-2026-50249) indicate a security update addressing this iss...

CVSS 5.5 · AI score 5.8 · EPSS 0.00018
Exploits 0 · References 1 · Affected Software 1
Positive Technologies
added 2026/05/01 12:0 a.m. · 4 views

PT-2026-36528

Name of the Vulnerable Software and Affected Versions: dtrace (affected versions not specified) Description: An unprivileged attacker can cause the dtrace process to crash by using a malicious ELF binary. This occurs due to an integer Divide-by-Zero error within the Pbuild_file_symtab function...

CVSS 3.3 · AI score 5.8 · EPSS 0.00018
Exploits 0 · References 6
CNNVD
added 2026/05/01 12:0 a.m. · 6 views

Oracle Linux numeric error vulnerability

Oracle Linux is an open and complete operating environment from Oracle Corporation USA that provides virtualization, management and cloud-native computing tools, and operating systems. Oracle Linux suffers from a numeric error vulnerability that stems from integer division by zero in...

CVSS 5.5 · AI score 5.8 · EPSS 0.00018
Exploits 0 · References 1
CVE
added 2026/02/18 6:2 p.m. · 7 views

CVE-2026-2660

FascinatedBox lily up to 2.3 is affected by a use-after-free in shorthash_for_name (src/lily_symtab.c). The issue requires local access and has publicly available exploit code. The affected project was informed of the problem early via an issue but has not responded yet. Other connected sources c...

CVSS 7.8 · AI score 5.2 · EPSS 0.0001
Exploits 1 · References 6 · Affected Software 1
Microsoft CVE
added 2025/09/04 7:0 a.m. · 4 views

GNU elfutils eu-readelf readelf.c process_symtab buffer overflow

...

CVSS 7.8 · AI score 7 · EPSS 0.00027
Exploits 1
OSV
added 2025/02/17 12:15 a.m. · 2 views

DEBIAN-CVE-2025-1365

A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The explo...

CVSS 7.8 · AI score 5.2 · EPSS 0.00027
Exploits 1 · References 1
Positive Technologies
added 2025/02/07 12:0 a.m. · 2 views

PT-2025-6895

Name of the Vulnerable Software and Affected Versions: GNU elfutils version 0.192 Description: A critical issue was found in GNU elfutils. This affects the process_symtab function of the readelf.c file in the eu-readelf component. The manipulation of the D/a argument leads to a buffer overflow...

CVSS 7.8 · AI score 5.9 · EPSS 0.00142
Exploits 6 · References 53
NVD
added 2023/08/22 7:16 p.m. · 20 views

CVE-2022-47695

An issue was discovered in Binutils objdump before 2.39.3 that allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c...

CVSS 7.8 · AI score 8.3 · EPSS 0.00019
Exploits 1 · References 1
OSV
added 2023/07/29 11:5 a.m. · 1 views

OESA-2023-1445 elfutils security update

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, elflint to check for well-formed ELF files and elfcompress to compress or decompress...

CVSS 5.5 · AI score 6.6 · EPSS 0.0002
Exploits 1 · References 2
OSV
added 2023/07/18 2:15 p.m. · 1 views

DEBIAN-CVE-2021-33294

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file...

CVSS 5.5 · AI score 5.4 · EPSS 0.0002
Exploits 1 · References 1
Positive Technologies
added 2021/03/03 12:0 a.m. · 2 views

PT-2021-7965 · Elfutils +4 · Elfutils +4

Name of the Vulnerable Software and Affected Versions: Elfutils versions 0.183 Description: The issue is related to the handle_symtab function in the readelf.c component of the Elfutils utility for modifying and analyzing ELF binary files. It involves an infinite loop with an unreachable exit...

CVSS 6.5 · AI score 6 · EPSS 0.00889
Exploits 8 · References 55
Veracode
added 2019/05/16 3:54 a.m. · 18 views

Denial Of Service (DoS)

Binutils is vulnerable to denial of service (DoS) attacks. The vulnerability exists in the ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library because it does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value. An...

CVSS 5.5 · AI score 5.9 · EPSS 0.00147
Exploits 0 · References 12 · Affected Software 2
Prion
added 2018/04/29 3:29 p.m. · 21 views

Null pointer dereference

The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial o...

CVSS 4.3 · AI score 6.6 · EPSS 0.00147
Exploits 0 · References 6 · Affected Software 4
ATTACKERKB
added 2018/03/18 6:29 a.m. · 2 views

CVE-2018-8769

elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported...

CVSS 7.8 · AI score 5.9 · EPSS 0.00168
Exploits 1 · References 2
OSV
added 2017/08/29 11:29 p.m. · 13 views

CVE-2017-13757

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab...

CVSS 5.5 · AI score 6.8
Exploits 0 · References 3
Positive Technologies
added 2017/04/09 12:0 a.m. · 2 views

PT-2017-17841 · Red Hat +3 · Elfutils +3

Name of the Vulnerable Software and Affected Versions: elfutils version 0.168 Description: The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, via a crafted ELF file. This is due to a problem in the check_symtab_shndx...

CVSS 9.8 · AI score 5.8 · EPSS 0.01961
Exploits 18 · References 166