English
Français
Light
Dark
System

Alert System

Stay informed at all times
Create an account Open a free account Login Manage your alerts

elfutils project elfutils 0.168

CPE Details

elfutils project elfutils 0.168
elfutils_project
elfutils
0.168
2018-10-29 14:48 +00:00
2018-10-29 14:48 +00:00
CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.
Alert management

CPE Name: cpe:2.3:a:elfutils_project:elfutils:0.168:*:*:*:*:*:*:*

Informations

Vendor

elfutils_project

Product

elfutils

Version

0.168

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-18520 2018-10-19 15:00 +00:00 An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
6.5
MEDIUM
CVE-2018-18310 2018-10-15 00:00 +00:00 An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
5.5
MEDIUM
CVE-2018-16062 2018-08-29 01:00 +00:00 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
5.5
MEDIUM
CVE-2017-7607 2017-04-09 12:00 +00:00 The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
5.5
MEDIUM
CVE-2017-7608 2017-04-09 12:00 +00:00 The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
5.5
MEDIUM
CVE-2017-7609 2017-04-09 12:00 +00:00 elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
5.5
MEDIUM
CVE-2017-7610 2017-04-09 12:00 +00:00 The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
5.5
MEDIUM
CVE-2017-7611 2017-04-09 12:00 +00:00 The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
5.5
MEDIUM
CVE-2017-7612 2017-04-09 12:00 +00:00 The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
5.5
MEDIUM
CVE-2017-7613 2017-04-09 12:00 +00:00 elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
5.5
MEDIUM

More information
Click on the button to the left (OFF), to authorize the inscription of cookie improving the functionalities of the site. Click on the button to the left (Accept all), to unauthorize the inscription of cookie improving the functionalities of the site.