Описание
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 0.170-0.4ubuntu0.1 |
| cosmic | released | 0.170-0.5.0ubuntu1.1 |
| devel | not-affected | 0.176-1.1 |
| disco | not-affected | 0.176-1 |
| eoan | not-affected | 0.176-1.1 |
| esm-infra-legacy/trusty | released | 0.158-0ubuntu5.3+esm1 |
| esm-infra/bionic | released | 0.170-0.4ubuntu0.1 |
| esm-infra/focal | not-affected | 0.176-1.1 |
| esm-infra/xenial | released | 0.165-3ubuntu1.2 |
| focal | not-affected | 0.176-1.1 |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
In elfutils 0.175, a heap-based buffer over-read was discovered in the ...
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
Уязвимость функции elf32_xlatetom в пакете elfutils, связанная с возможностью выхода операции за границы буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3