Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2021-33294

Published: 18/07/2023 Updated: 27/07/2023
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 0
Subscribe to Elfutils

Vulnerability Summary

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows malicious users to cause a denial of service (infinite loop) via crafted file.

Vulnerable Product Search on Vulmon Subscribe to Product

elfutils project elfutils 0.183

Vendor Advisories

Amazon Linux 2: ALAS2-2023-2197
In elfutils 0183, an infinite loop was found in the function handle_symtab in readelfc Which allows attackers to cause a denial of service (infinite loop) via crafted file (CVE-2021-33294) ...

ICS Advisories

https://ics-cert.us-cert.gov/advisories/fd87a3fc00e025fdc5034360097d2bdf
Critical Infrastructure Sectors: Critical Manufacturing

References

CWE-835https://sourceware.org/pipermail/elfutils-devel/2021q1/003607.htmlhttps://sourceware.org/bugzilla/show_bug.cgi?id=27501https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALAS-2023-2197.htmlhttps://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook