Vulnerabilities > CVE-2021-33294 - Infinite Loop vulnerability in Elfutils Project Elfutils 0.183

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
elfutils-project
CWE-835

Summary

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.

Vulnerable Configurations

Part Description Count
Application
Elfutils_Project
1