ArchLinux: 201903-9: libelf: denial of service

    Date20 Mar 2019
    Posted ByLinuxSecurity Advisories
    The package libelf before version 0.176-1 is vulnerable to denial of service.
    Arch Linux Security Advisory ASA-201903-9
    Severity: Medium
    Date    : 2019-03-18
    CVE-ID  : CVE-2019-7148 CVE-2019-7149 CVE-2019-7150 CVE-2019-7664
    Package : libelf
    Type    : denial of service
    Remote  : Yes
    Link    :
    The package libelf before version 0.176-1 is vulnerable to denial of
    Upgrade to 0.176-1.
    # pacman -Syu "libelf>=0.176-1"
    The problems have been fixed upstream in version 0.176.
    - CVE-2019-7148 (denial of service)
    An attempted excessive memory allocation was discovered in the function
    read_long_names in elf_begin.c in libelf in elfutils <= 0.175. Remote
    attackers could leverage this vulnerability to cause a denial-of-
    service via crafted elf input, which leads to an out-of-memory
    - CVE-2019-7149 (denial of service)
    A heap-based buffer over-read was discovered in the function
    read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A
    crafted input can cause segmentation faults, leading to denial-of-
    - CVE-2019-7150 (denial of service)
    An issue was discovered in elfutils 0.175. A segmentation fault can
    occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to
    dwfl_segment_report_module not checking whether the dyn data read from
    a core file is truncated. A crafted input can cause a program crash,
    leading to denial-of-service.
    - CVE-2019-7664 (denial of service)
    In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note
    in libelf/note_xlate.h because of an incorrect overflow check. Crafted
    elf input causes a segmentation fault, leading to denial of service
    (program crash).
    - CVE-2019-7665 (denial of service)
    In elfutils 0.175, a heap-based buffer over-read was discovered in the
    function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF
    input can cause a segmentation fault leading to denial of service
    (program crash) because ebl_core_note does not reject malformed core
    file notes.
    A remote attacker is able to crash a program that uses libelf by
    providing it with a crafted ELF file.
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"5","type":"x","order":"1","pct":62.5,"resources":[]},{"id":"88","title":"Should be more technical","votes":"2","type":"x","order":"2","pct":25,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"1","type":"x","order":"3","pct":12.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.