Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elfutils project vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-10254
The allocate_elf function in common.h in elfutils prior to 0.168 allows remote malicious users to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
Elfutils Project Elfutils
4.3
CVSSv2
CVE-2016-10255
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils prior to 0.168 allows remote malicious users to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
Elfutils Project Elfutils
4.3
CVSSv2
CVE-2018-16403
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
Elfutils Project Elfutils 0.173
6.8
CVSSv2
CVE-2018-8769
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.
Elfutils Project Elfutils 0.170
4.3
CVSSv2
CVE-2017-7607
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.
Elfutils Project Elfutils 0.168
4.3
CVSSv2
CVE-2019-7146
In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted elf file, as demonstrated by eu-readelf.
Elfutils Project Elfutils 0.175
4.3
CVSSv2
CVE-2019-7148
An attempted excessive memory allocation exists in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The ...
Elfutils Project Elfutils 0.174
4.3
CVSSv2
CVE-2017-7609
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file.
Elfutils Project Elfutils 0.168
NA
CVE-2020-21047
The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vul...
Elfutils Project Elfutils 0.177
NA
CVE-2021-33294
In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows malicious users to cause a denial of service (infinite loop) via crafted file.
Elfutils Project Elfutils 0.183
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-24955
man-in-the-middle
dos
CVE-2024-2818
CVE-2024-30584
CVE-2024-31134
camera
CVE-2023-45866
CVE-2024-30585
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »