Information on source package elfutils

Available versions

ReleaseVersion
jessie0.159-4.2
stretch0.168-1
buster0.170-0.5
sid0.175-1

Open issues

BugjessiestretchbustersidDescription
CVE-2018-18521vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedDivide-by-zero vulnerabilities in the function arlib_add_symbols() in ...
CVE-2018-18520vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedAn Invalid Memory Address Dereference exists in the function elf_end in ...
CVE-2018-18310vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedAn invalid memory address dereference was discovered in ...
CVE-2018-16403vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedlibdw in elfutils 0.173 checks the end of the attributes list ...
CVE-2018-16402vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedlibelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a ...
CVE-2018-16062vulnerable (no DSA)vulnerable (no DSA)vulnerablefixeddwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before ...
CVE-2017-7613vulnerable (no DSA)fixedfixedfixedelflint.c in elfutils 0.168 does not validate the number of sections ...
CVE-2017-7612vulnerable (no DSA)fixedfixedfixedThe check_sysv_hash function in elflint.c in elfutils 0.168 allows ...
CVE-2017-7611vulnerable (no DSA)fixedfixedfixedThe check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...
CVE-2017-7610vulnerable (no DSA)fixedfixedfixedThe check_group function in elflint.c in elfutils 0.168 allows remote ...
CVE-2017-7608vulnerable (no DSA)fixedfixedfixedThe ebl_object_note_type_name function in eblobjnotetypename.c in ...
CVE-2017-7607vulnerable (no DSA)fixedfixedfixedThe handle_gnu_hash function in readelf.c in elfutils 0.168 allows ...
CVE-2016-10255vulnerable (no DSA)fixedfixedfixedThe __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils ...
CVE-2016-10254vulnerable (no DSA)fixedfixedfixedThe allocate_elf function in common.h in elfutils before 0.168 allows ...

Resolved issues

BugDescription
CVE-2018-8769elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name ...
CVE-2017-7609elf_compress.c in elfutils 0.168 does not validate the zlib compression ...
CVE-2014-9447Directory traversal vulnerability in the read_long_names function in ...
CVE-2014-0172Integer overflow in the check_section function in dwarf_begin_elf.c in ...

Search for package or bug name: Reporting problems