Note:
This project will be discontinued after December 13, 2021. [more]
2018-08-29
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
Products | Ubuntu_linux, Debian_linux, Elfutils, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation |
Type | Out-of-bounds Read (CWE-125) |
First patch | - None (likely due to unavailable code) |
Links |
• https://sourceware.org/git/?p=elfutils.git%3Ba=commit%3Bh=29e31978ba51c1051743a503ee325b5ebc03d7e9
• https://lists.debian.org/debian-lts-announce/2019/02/msg00036.html • https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html • https://usn.ubuntu.com/4012-1/ • https://access.redhat.com/errata/RHSA-2019:2197 |