CVE-2017-7608

🗓️ 09 Apr 2017 00:00:00Reported by ubuntu.comType

The ebl_object_note_type_name function in elfutils 0.168 allows remote attackers to cause a denial of service via a crafted ELF file

Reporter	Title	Published	Views	Family All 79
AlpineLinux	CVE-2017-7608	9 Apr 201714:00	–	alpinelinux
CNVD	elfintils 'ebl_object_note_type_name' function denial of service vulnerability	11 Apr 201700:00	–	cnvd
CVE	CVE-2017-7608	9 Apr 201714:00	–	cve
Cvelist	CVE-2017-7608	9 Apr 201714:00	–	cvelist
Debian	[SECURITY] [DLA 1689-1] elfutils security update	25 Feb 201921:35	–	debian
Debian CVE	CVE-2017-7608	9 Apr 201714:00	–	debiancve
Tenable Nessus	Debian DLA-1689-1 : elfutils security update	26 Feb 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : elfutils (EulerOS-SA-2019-2510)	4 Dec 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : elfutils (EulerOS-SA-2019-2573)	19 Dec 201900:00	–	nessus
Tenable Nessus	Fedora 25 : elfutils (2017-5e4fb05a0a)	16 May 201700:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	20.10	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	17.10	any	elfutils	0.170-0.1	elfutils_0.170-0.1_any.deb
Ubuntu	18.04	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	18.10	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	19.04	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	19.10	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	20.04	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	21.04	any	elfutils	0.170-0.4	elfutils_0.170-0.4_any.deb
Ubuntu	14.04	any	elfutils	0.158-0ubuntu5.3	elfutils_0.158-0ubuntu5.3_any.deb
Ubuntu	16.04	any	elfutils	0.165-3ubuntu1.1	elfutils_0.165-3ubuntu1.1_any.deb

Source	Link
blogs	www.blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c/
ubuntu	www.ubuntu.com/security/notices/USN-3670-1
cve	www.cve.org/CVERecord

25 Aug 2025 22:38Current

6.4Medium risk

Vulners AI Score6.4

CVSS 24.3

CVSS 35.5

EPSS0.0024