Filtered by vendor Elfutils Project
Subscriptions
Total
26 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-7607 | 1 Elfutils Project | 1 Elfutils | 2019-10-03 | N/A |
| The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | ||||
| CVE-2018-8769 | 1 Elfutils Project | 1 Elfutils | 2019-10-03 | N/A |
| elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported. | ||||
| CVE-2017-7613 | 3 Canonical, Debian, Elfutils Project | 3 Ubuntu Linux, Debian Linux, Elfutils | 2019-06-20 | N/A |
| elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | ||||
| CVE-2017-7609 | 1 Elfutils Project | 1 Elfutils | 2019-06-20 | N/A |
| elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | ||||
| CVE-2014-0172 | 1 Elfutils Project | 1 Elfutils | 2017-07-01 | N/A |
| Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow. | ||||
| CVE-2014-9447 | 1 Elfutils Project | 1 Elfutils | 2015-04-18 | N/A |
| Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program. | ||||