The libcpu component which is used by libasm of elfutils version 0.177 , suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write , off-by-one error and reachable assertion ; to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks