×

    Error

    There was a problem loading image a9105abcb7.jpeg

    There was a problem loading image cbb162eb95.jpeg

    Adsons

    ArchLinux: 201901-3: elfutils: denial of service

    Date08 Jan 2019
    CategoryArchLinux
    369
    Posted ByLinuxSecurity Advisories
    The package elfutils before version 0.175-1 is vulnerable to denial of service.
    Arch Linux Security Advisory ASA-201901-3
    =========================================
    
    Severity: Medium
    Date    : 2019-01-08
    CVE-ID  : CVE-2018-18310 CVE-2018-18520 CVE-2018-18521
    Package : elfutils
    Type    : denial of service
    Remote  : Yes
    Link    : https://security.archlinux.org/AVG-785
    
    Summary
    =======
    
    The package elfutils before version 0.175-1 is vulnerable to denial of
    service.
    
    Resolution
    ==========
    
    Upgrade to 0.175-1.
    
    # pacman -Syu "elfutils>=0.175-1"
    
    The problems have been fixed upstream in version 0.175.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    - CVE-2018-18310 (denial of service)
    
    An invalid memory address dereference was discovered in
    dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The
    vulnerability allows attackers to cause a denial of service
    (application crash) with a crafted ELF file.
    
    - CVE-2018-18520 (denial of service)
    
    An Invalid Memory Address Dereference exists in the function elf_end in
    libelf in elfutils through v0.174. Although eu-size is intended to
    support ar files inside ar files, handle_ar in size.c closes the outer
    ar file before handling all inner entries. The vulnerability allows
    attackers to cause a denial of service (application crash) with a
    crafted ELF file.
    
    - CVE-2018-18521 (denial of service)
    
    Divide-by-zero vulnerabilities in the function arlib_add_symbols() in
    arlib.c in elfutils 0.174 allow remote attackers to cause a denial of
    service (application crash) with a crafted ELF file, as demonstrated by
    eu-ranlib, because a zero sh_entsize is mishandled.
    
    Impact
    ======
    
    An attacker can crash an application using one of the elfutils
    libraries to parse files via a crafted ELF file.
    
    References
    ==========
    
    https://sourceware.org/bugzilla/show_bug.cgi?id=23752
    https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html
    https://sourceware.org/bugzilla/show_bug.cgi?id=23787
    https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
    https://sourceware.org/bugzilla/show_bug.cgi?id=23786
    https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
    https://security.archlinux.org/CVE-2018-18310
    https://security.archlinux.org/CVE-2018-18520
    https://security.archlinux.org/CVE-2018-18521
    

    Comments powered by CComment

    Sidebar Ad

    LinuxSecurity Poll

    Does your company/organization utilize open-source software?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /component/communitypolls/?task=poll.vote
    5
    radio
    bottom200