Download
| Alert*
oval:org.secpod.oval:def:89003290
This update for elfutils fixes the following issues: Security issues fixed: - CVE-2018-16403: Fixed a heap-based buffer over-read that could have led to Denial of Service . - CVE-2016-10254: Fixed a memory allocation failure in alloxate_elf . - CVE-2019-7665: NT_PLATFORM core file note should be a z ... oval:org.secpod.oval:def:503265 The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The following packages have been upgraded to a later upstream version: elfutils . Security Fix: * elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dw ... oval:org.secpod.oval:def:112360 Elfutils is a collection of utilities, including stack , nm , size , strip , readelf , elflint and elfcompress . oval:org.secpod.oval:def:52049 elfutils: collection of utilities to handle ELF objects elfutils could be made to crash or consume resources if it opened a specially crafted file. oval:org.secpod.oval:def:704105 elfutils: collection of utilities to handle ELF objects elfutils could be made to crash or consume resources if it opened a specially crafted file. oval:org.secpod.oval:def:1800626 CVE-2017-7607: Heap-buffer overflow in the handle_gnu_hash function; The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service via a crafted ELF file. oval:org.secpod.oval:def:55526 elfutils: collection of utilities to handle ELF objects Several security issues were fixed in elfutils. oval:org.secpod.oval:def:2000425 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service via a crafted file. oval:org.secpod.oval:def:705009 elfutils: collection of utilities to handle ELF objects Several security issues were fixed in elfutils. |