Elfutils Project

elfutils_project

33 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (33)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-16062 5Canonical DebianElfutils Project+2 more 7Debian Linux ElfutilsEnterprise Linux Desktop+4 more Nov 21, 2024 Aug 29, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
CVE-2018-8769 1Elfutils Project 1Elfutils Nov 21, 2024 Mar 18, 2018 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.
CVE-2017-7613 3Canonical DebianElfutils Project 3Debian Linux ElfutilsUbuntu Linux May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2017-7612 3Canonical DebianElfutils Project 3Debian Linux ElfutilsUbuntu Linux May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7611 3Canonical DebianElfutils Project 3Debian Linux ElfutilsUbuntu Linux May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7610 3Canonical DebianElfutils Project 3Debian Linux ElfutilsUbuntu Linux May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7609 1Elfutils Project 1Elfutils May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
CVE-2017-7608 3Canonical DebianElfutils Project 3Debian Linux ElfutilsUbuntu Linux May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2017-7607 1Elfutils Project 1Elfutils May 13, 2026 Apr 9, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
CVE-2016-10255 1Elfutils Project 1Elfutils May 13, 2026 Mar 23, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a m...Show more The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.Show less
CVE-2016-10254 1Elfutils Project 1Elfutils May 13, 2026 Mar 23, 2017 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
CVE-2014-9447 1Elfutils Project 1Elfutils May 6, 2026 Jan 2, 2015 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted a...Show more Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program.Show less
CVE-2014-0172 1Elfutils Project 1Elfutils May 6, 2026 Apr 11, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or p...Show more Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow.Show less