AVG-863

Package libelf
Status Fixed
Severity Medium
Type denial of service
Affected 0.175-1
Fixed 0.176-1
Current 0.176-1 [core]
Ticket None
Created Fri Feb 1 11:04:23 2019
Issue Severity Remote Type Description
CVE-2019-7665 Medium No Denial of service
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause...
CVE-2019-7664 Medium No Denial of service
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input...
CVE-2019-7150 Low Yes Denial of service
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to...
CVE-2019-7149 Low Yes Denial of service
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause...
CVE-2019-7148 Low Yes Denial of service
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils <= 0.175. Remote attackers...
Date Advisory Package Description
18 Mar 2019 ASA-201903-9 libelf denial of service