Product:

Elfutils

(Elfutils_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 26
Date Id Summary Products Score Patch Annotated
2023-07-18 CVE-2021-33294 In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file. Elfutils 5.5
2023-08-22 CVE-2020-21047 The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks. Elfutils 5.5
2017-03-23 CVE-2016-10254 The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. Elfutils 5.5
2017-03-23 CVE-2016-10255 The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure. Elfutils 5.5
2018-08-29 CVE-2018-16062 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. Ubuntu_linux, Debian_linux, Elfutils, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 5.5
2018-09-03 CVE-2018-16402 libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. Ubuntu_linux, Debian_linux, Elfutils, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation 9.8