CVEs (33)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
5Canonical DebianElfutils Project+2 more7Debian Linux ElfutilsEnterprise Linux Desktop+4 moreNov 21, 2024 Aug 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. |
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported. |
3Canonical DebianElfutils Project3Debian Linux ElfutilsUbuntu LinuxMay 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. |
3Canonical DebianElfutils Project3Debian Linux ElfutilsUbuntu LinuxMay 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. |
3Canonical DebianElfutils Project3Debian Linux ElfutilsUbuntu LinuxMay 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. |
3Canonical DebianElfutils Project3Debian Linux ElfutilsUbuntu LinuxMay 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. |
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. |
3Canonical DebianElfutils Project3Debian Linux ElfutilsUbuntu LinuxMay 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. |
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. |
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a m...Show more |
The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. |
Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted a...Show more |
Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or p...Show more |