Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-7149

Опубликовано: 29 янв. 2019
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 4.3
CVSS3: 6.5

Описание

A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.

РелизСтатусПримечание
bionic

released

0.170-0.4ubuntu0.1
cosmic

released

0.170-0.5.0ubuntu1.1
devel

not-affected

0.176-1.1
disco

not-affected

0.176-1
eoan

not-affected

0.176-1.1
esm-infra-legacy/trusty

released

0.158-0ubuntu5.3+esm1
esm-infra/bionic

released

0.170-0.4ubuntu0.1
esm-infra/focal

not-affected

0.176-1.1
esm-infra/xenial

released

0.165-3ubuntu1.2
focal

not-affected

0.176-1.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 56%
0.00333
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-7149

CVSS3: 3.3
redhat
около 7 лет назад

A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.

nvd логотип

CVE-2019-7149

CVSS3: 6.5
nvd
около 7 лет назад

A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.

debian логотип

CVE-2019-7149

CVSS3: 6.5
debian
около 7 лет назад

A heap-based buffer over-read was discovered in the function read_srcl ...

github логотип

GHSA-p6pw-x9rh-9c3w

CVSS3: 6.5
github
больше 3 лет назад

A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.

fstec логотип

BDU:2019-01237

CVSS3: 6.5
fstec
почти 7 лет назад

Уязвимость функции read_srclines в пакете elfutils, связанная с чтением за границей буфера, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 56%
0.00333
Низкий

4.3 Medium

CVSS2

6.5 Medium

CVSS3