CVE-2018-8769

Опубликовано: 18 мар. 2018

Источник: debian

Описание

elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.

Пакет	Статус	Версия исправления	Релиз	Тип
elfutils	not-affected			package

https://sourceware.org/bugzilla/show_bug.cgi?id=22976
https://sourceware.org/ml/elfutils-devel/2018-q1/msg00078.html
Issue introduced with a merge/update of elf.h from glibc in
https://sourceware.org/git/?p=elfutils.git;a=commit;h=88f3d2daa107b09fdba376a82bce7ed534c93645
when SYMTAB_SHNDX was introduced, but not yet handled in the
ebl_dynamic_tag_name function.

CVE-2018-8769

CVSS3: 7.8

ubuntu

почти 8 лет назад

elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.

CVE-2018-8769

CVSS3: 4.4

redhat

почти 8 лет назад

elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.

CVE-2018-8769

CVSS3: 7.8

nvd

почти 8 лет назад

elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.

GHSA-4qj2-w4f3-j3q6

CVSS3: 7.8

github

больше 3 лет назад

elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.