Published: 22/08/2023 Updated: 07/11/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
elfutils project elfutils 0.177

The libcpu component which is used by libasm of elfutils version 0177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-787 https://sourceware.org/bugzilla/show_bug.cgi?id=25068 https://lists.debian.org/debian-lts-announce/2023/09/msg00026.html https://sourceware.org/git/?p=elfutils.git%3Ba=commitdiff%3Bh=99dc63b10b3878616b85df2dfd2e4e7103e414b8 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2259.html https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-21047

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect