libelf

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Libraries to handle ELF object files and DWARF debugging information
Version 0.175-1 [core]

Open

Group Affected Fixed Severity Status Ticket
AVG-887 0.175-1 0.175-2 Medium Vulnerable
AVG-863 0.175-1 Low Vulnerable
Issue Group Severity Remote Type Description
CVE-2019-7665 AVG-887 Medium No Denial of service
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause...
CVE-2019-7664 AVG-887 Medium No Denial of service
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input...
CVE-2019-7150 AVG-863 Low Yes Denial of service
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to...
CVE-2019-7149 AVG-863 Low Yes Denial of service
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause...
CVE-2019-7148 AVG-863 Low Yes Denial of service
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils <= 0.175. Remote attackers...