CVE-2019-7148

Source
Severity Low
Remote Yes
Type Denial of service
Description
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils <= 0.175. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception.
Group Package Affected Fixed Severity Status Ticket
AVG-863 libelf 0.175-1 0.176-1 Medium Fixed
Date Advisory Group Package Severity Description
18 Mar 2019 ASA-201903-9 AVG-863 libelf Medium denial of service
References
https://sourceware.org/bugzilla/show_bug.cgi?id=24085