exploitDog

CVE-2021-33294

Published: 18 Jul 2023
Source: redhat
CVSS3: 6.2
EPSS: Low

Description

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file.

A flaw was found in the elfutils tools package. An infinite loop is possible in the handle_symtab function in readelf.c, which may lead to a denial of service. A vulnerability was found in Elfutils, where an infinite loop in the handle_symtab function within readelf.c can lead to a denial of service, causing the application to become unresponsive and consume excessive system resources indefinitely.

Report

This vulnerability is rated as moderate because an infinite loop in Elfutils' handle_symtab function within readelf.c could lead to a denial of service. It does not lead to code execution, but it can cause prolonged application unresponsiveness, impacting availability.

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | elfutils | Out of support scope | | |
| Red Hat Enterprise Linux 7 | elfutils | Out of support scope | | |
| Red Hat Enterprise Linux 8 | elfutils | Will not fix | | |
| Red Hat Enterprise Linux 8 | gcc-toolset-11-elfutils | Not affected | | |
| Red Hat Enterprise Linux 9 | elfutils | Not affected | | |
| Red Hat Virtualization 4 | elfutils | Not affected | | |

Additional information

Status: Moderate
Defect: CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=2223918
elfutils: an infinite loop was found in the function handle_symtab in readelf.c which causes denial of service

EPSS

Percentile: 0%
0.00006
Low

6.2 Medium

CVSS3

Related vulnerabilities

CVSS3: 5.5
ubuntu
almost 2 years ago

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file.

CVSS3: 5.5
nvd
almost 2 years ago

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file.

CVSS3: 5.5
debian
almost 2 years ago

In elfutils 0.183, an infinite loop was found in the function handle_s ...

CVSS3: 5.5
github
almost 2 years ago

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c, which allows attackers to cause a denial of service (infinite loop) via a crafted file.

CVSS3: 5.5
fstec
more than 4 years ago

A vulnerability in the handle_symtab function of the readelf.c component of Elfutils, a utility for modifying and analyzing ELF binary files, that allows an attacker to cause a denial of service
