CVE-2019-7146

Published: 29/01/2019 Updated: 24/08/2020
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted ELF file, as demonstrated by eu-readelf.

Vulnerable Product

elfutils project elfutils 0.175

Vendor Advisories

Synopsis: Low: elfutils security, bug fix, and enhancement update. Type/Severity: Security Advisory: Low. Topic: An update for elfutils is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) b ...
Synopsis: Moderate: OpenShift Container Platform 4.6.1 image security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability S ...
Debian Bug report logs - #920909 elfutils: CVE-2019-7150. Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckx.be>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 30 Jan 2019 14:33:02 UTC; Severity: normal; Tags: fixed-upstream, patch, security, upstream; Found in version elfu ...
Debian Bug report logs - #920910 elfutils: CVE-2019-7149. Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckx.be>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 30 Jan 2019 14:33:04 UTC; Severity: normal; Tags: fixed-upstream, security, upstream; Found in version elfutils/0 ...
Debian Bug report logs - #920911 elfutils: CVE-2019-7146. Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckx.be>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 30 Jan 2019 14:33:07 UTC; Severity: normal; Tags: fixed-upstream, security, upstream; Found in version elfutils/0 ...
Debian Bug report logs - #921881 elfutils: CVE-2019-7664. Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckx.be>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 9 Feb 2019 20:27:04 UTC; Severity: normal; Tags: fixed-upstream, security, upstream; Found in version elfutils/0 ...
Debian Bug report logs - #921880 elfutils: CVE-2019-7665. Package: src:elfutils; Maintainer for src:elfutils is Kurt Roeckx <kurt@roeckx.be>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 9 Feb 2019 20:27:01 UTC; Severity: normal; Tags: fixed-upstream, security, upstream; Found in version elfutils/0 ...