elfutils project elfutils 0.132

CPE Details

elfutils project elfutils 0.132
elfutils_project
elfutils
0.132
2014-04-14
13h06 +00:00
2014-04-17
18h24 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:elfutils_project:elfutils:0.132:*:*:*:*:*:*:*

Informations

Vendor

elfutils_project

Product

elfutils

Version

0.132

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-18520 2018-10-19 15h00 +00:00 An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
6.5
Medium
CVE-2018-18310 2018-10-15 00h00 +00:00 An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
5.5
Medium
CVE-2018-16062 2018-08-29 01h00 +00:00 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
5.5
Medium
CVE-2016-10254 2017-03-23 15h00 +00:00 The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
5.5
Medium
CVE-2016-10255 2017-03-23 15h00 +00:00 The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
5.5
Medium