Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elfutils vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10254
The allocate_elf function in common.h in elfutils prior to 0.168 allows remote malicious users to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
Elfutils Project Elfutils
4.3
CVSSv2
CVE-2016-10255
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils prior to 0.168 allows remote malicious users to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
Elfutils Project Elfutils
4.3
CVSSv2
CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
Elfutils Project Elfutils 0.173
6.8
CVSSv2
CVE-2018-8769
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.
Elfutils Project Elfutils 0.170
4.3
CVSSv2
CVE-2017-7607
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Elfutils Project Elfutils 0.168
4.3
CVSSv2
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file.
Elfutils Project Elfutils 0.168
NA
CVE-2021-33294
In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows malicious users to cause a denial of service (infinite loop) via crafted file.
Elfutils Project Elfutils 0.183
NA
CVE-2020-21047
The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vul...
Elfutils Project Elfutils 0.177
4.3
CVSSv2
CVE-2019-7146
In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf.
Elfutils Project Elfutils 0.175
4.3
CVSSv2
CVE-2019-7148
An attempted excessive memory allocation exists in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The ...
Elfutils Project Elfutils 0.174
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »