elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.78%
Published
2017-04-09
Updated
2019-06-20
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.65%
Published
2017-04-09
Updated
2019-10-03
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.65%
Published
2017-04-09
Updated
2019-10-03
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.65%
Published
2017-04-09
Updated
2019-10-03
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.53%
Published
2017-04-09
Updated
2018-06-07
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.43%
Published
2017-04-09
Updated
2019-10-03
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Max CVSS
5.5
EPSS Score
0.72%
Published
2017-04-09
Updated
2019-10-03
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
Max CVSS
5.5
EPSS Score
1.26%
Published
2017-03-23
Updated
2018-06-07
The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
Max CVSS
5.5
EPSS Score
0.99%
Published
2017-03-23
Updated
2018-06-07
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!