Published: 09/04/2017 Updated: 03/10/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
elfutils project elfutils 0.168

elfutils could be made to crash or consume resources if it opened a specially crafted file ...

Debian Bug report logs - #859992 elfutils: CVE-2017-7611 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 04:45:01 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in version e ...

Debian Bug report logs - #859993 elfutils: CVE-2017-7610 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 04:54:01 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version elfutils ...

Debian Bug report logs - #859995 elfutils: CVE-2017-7608 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 05:06:01 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version elfutils ...

Debian Bug report logs - #859996 elfutils: CVE-2017-7607 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 05:33:01 UTC Severity: important Tags: fixed-upstream, security, upstream Found in version elfutils ...

Debian Bug report logs - #859991 elfutils: CVE-2017-7612 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 04:42:02 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in version e ...

Debian Bug report logs - #859990 elfutils: CVE-2017-7613 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 04:33:01 UTC Severity: normal Tags: fixed-upstream, security, upstream Found in version elfutils/0 ...

Debian Bug report logs - #859994 elfutils: CVE-2017-7609 Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 10 Apr 2017 04:57:01 UTC Severity: normal Tags: fixed-upstream, security, upstream Found in version elfutils/0 ...

The handle_gnu_hash function in readelfc in elfutils 0168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file ...

CWE-125 https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c http://www.securityfocus.com/bid/98608 https://security.gentoo.org/glsa/201710-10 https://usn.ubuntu.com/3670-1/http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html https://usn.ubuntu.com/3670-1/https://nvd.nist.gov

CVE-2017-7607

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect