Synopsis
Low: elfutils security, bug fix, and enhancement update
Type/Severity
Security Advisory: Low
Topic
An update for elfutils is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerability Scoring System (CVSS) b ...
Several security issues were fixed in elfutils ...
Debian Bug report logs -
#907562
elfutils: CVE-2018-16062
Package:
src:elfutils;
Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 29 Aug 2018 12:51:01 UTC
Severity: normal
Tags: fixed-upstream, patch, security, upstream
Found in versions el ...
Debian Bug report logs -
#911414
elfutils: CVE-2018-18520
Package:
src:elfutils;
Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 19 Oct 2018 21:54:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
Found in versions ...
Debian Bug report logs -
#911083
elfutils: CVE-2018-18310
Package:
src:elfutils;
Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Mon, 15 Oct 2018 13:27:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
Found in versions ...
Debian Bug report logs -
#911413
elfutils: CVE-2018-18521
Package:
src:elfutils;
Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckxbe>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Fri, 19 Oct 2018 21:51:02 UTC
Severity: important
Tags: fixed-upstream, patch, security, upstream
Found in versions ...
An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information Function dwarf_getaranges() in dwarf_getarangesc does not properly check whether it reads beyond the limits of the ELF section An attacker could use this flaw to cause a denial of service via a crafted file(CVE-2018-16062)
libelf/elf_endc in e ...
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlibc in elfutils 0174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled ...
Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlibc in elfutils 0174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled ...