Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-18310

Опубликовано: 15 окт. 2018
Источник: debian

Описание

An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
elfutilsfixed0.175-1package

Примечания

  • https://sourceware.org/bugzilla/show_bug.cgi?id=23752

  • https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html

  • https://sourceware.org/git/?p=elfutils.git;a=commit;h=20f9de9b5f704cec55df92406a50bcbcfca96acd

Связанные уязвимости

ubuntu логотип

CVE-2018-18310

CVSS3: 5.5
ubuntu
больше 7 лет назад

An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.

redhat логотип

CVE-2018-18310

CVSS3: 3.3
redhat
больше 7 лет назад

An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.

nvd логотип

CVE-2018-18310

CVSS3: 5.5
nvd
больше 7 лет назад

An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.

github логотип

GHSA-h443-vvj7-wc74

CVSS3: 5.5
github
больше 3 лет назад

An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes.

fstec логотип

BDU:2018-01517

CVSS3: 5.5
fstec
больше 7 лет назад

Уязвимость библиотеки libdwfl утилиты для модификации и анализа бинарных файлов ELF Elfutils, позволяющая нарушителю вызвать отказ в обслуживании