Information on source package elfutils

Available versions

ReleaseVersion
jessie0.159-4.2
jessie (security)0.159-4.2+deb8u1
stretch0.168-1
buster0.176-1.1
sid0.176-1.1

Open issues

BugjessiestretchbustersidDescription
CVE-2019-7665fixedvulnerable (no DSA)fixedfixedIn elfutils 0.175, a heap-based buffer over-read was discovered in the ...
CVE-2019-7664fixedvulnerable (no DSA)fixedfixedIn elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_not ...
CVE-2019-7150fixedvulnerable (no DSA)fixedfixedAn issue was discovered in elfutils 0.175. A segmentation fault can oc ...
CVE-2019-7149fixedvulnerable (no DSA)fixedfixedA heap-based buffer over-read was discovered in the function read_srcl ...
CVE-2018-18521fixedvulnerable (no DSA)fixedfixedDivide-by-zero vulnerabilities in the function arlib_add_symbols() in ...
CVE-2018-18520fixedvulnerable (no DSA)fixedfixedAn Invalid Memory Address Dereference exists in the function elf_end i ...
CVE-2018-18310fixedvulnerable (no DSA)fixedfixedAn invalid memory address dereference was discovered in dwfl_segment_r ...
CVE-2018-16403vulnerable (no DSA)vulnerable (no DSA)fixedfixedlibdw in elfutils 0.173 checks the end of the attributes list incorrec ...
CVE-2018-16402fixedvulnerable (no DSA)fixedfixedlibelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a ...
CVE-2018-16062fixedvulnerable (no DSA)fixedfixeddwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 201 ...
CVE-2017-7607vulnerable (no DSA)fixedfixedfixedThe handle_gnu_hash function in readelf.c in elfutils 0.168 allows rem ...
CVE-2016-10255vulnerable (no DSA)fixedfixedfixedThe __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils ...
CVE-2016-10254vulnerable (no DSA)fixedfixedfixedThe allocate_elf function in common.h in elfutils before 0.168 allows ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2019-7148vulnerablevulnerablefixedfixed**DISPUTED** An attempted excessive memory allocation was discovered i ...

Resolved issues

BugDescription
CVE-2019-7146In elfutils 0.175, there is a buffer over-read in the ebl_object_note ...
CVE-2018-8769elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name func ...
CVE-2017-7613elflint.c in elfutils 0.168 does not validate the number of sections a ...
CVE-2017-7612The check_sysv_hash function in elflint.c in elfutils 0.168 allows rem ...
CVE-2017-7611The check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...
CVE-2017-7610The check_group function in elflint.c in elfutils 0.168 allows remote ...
CVE-2017-7609elf_compress.c in elfutils 0.168 does not validate the zlib compressio ...
CVE-2017-7608The ebl_object_note_type_name function in eblobjnotetypename.c in elfu ...
CVE-2014-9447Directory traversal vulnerability in the read_long_names function in l ...
CVE-2014-0172Integer overflow in the check_section function in dwarf_begin_elf.c in ...

Security announcements

DSA / DLADescription
DLA-1689-1elfutils - security update

Search for package or bug name: Reporting problems