Show filters
26 Total Results
Displaying 11-20 of 26
Sort by:
Attacker Value
Unknown

CVE-2018-18310

Disclosure Date: October 15, 2018 (last updated November 27, 2024)
An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.
Attacker Value
Unknown

CVE-2018-16402

Disclosure Date: September 03, 2018 (last updated November 08, 2023)
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
Attacker Value
Unknown

CVE-2018-16403

Disclosure Date: September 03, 2018 (last updated November 08, 2023)
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
0
Attacker Value
Unknown

CVE-2018-16062

Disclosure Date: August 29, 2018 (last updated November 08, 2023)
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
Attacker Value
Unknown

CVE-2018-8769

Disclosure Date: March 18, 2018 (last updated November 26, 2024)
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.
0
Attacker Value
Unknown

CVE-2017-7609

Disclosure Date: April 09, 2017 (last updated November 26, 2024)
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
0
Attacker Value
Unknown

CVE-2017-7607

Disclosure Date: April 09, 2017 (last updated November 26, 2024)
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
0
Attacker Value
Unknown

CVE-2017-7612

Disclosure Date: April 09, 2017 (last updated November 26, 2024)
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
0
Attacker Value
Unknown

CVE-2017-7608

Disclosure Date: April 09, 2017 (last updated November 26, 2024)
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
0
Attacker Value
Unknown

CVE-2017-7611

Disclosure Date: April 09, 2017 (last updated November 26, 2024)
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
0