In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2019:2197 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:3575 | Third Party Advisory |
https://sourceware.org/bugzilla/show_bug.cgi?id=24084 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-02-09T16:00:00
Updated: 2019-11-06T00:06:59
Reserved: 2019-02-09T00:00:00
Link: CVE-2019-7664
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-02-09T16:29:00.360
Modified: 2023-02-28T20:45:32.437
Link: CVE-2019-7664
JSON object: View
Redhat Information
No data.
CWE