Vulnerabilities > Elfutils Project > Elfutils > 0.154
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-19 | CVE-2018-18520 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. | 4.3 |
| 2018-10-15 | CVE-2018-18310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. | 4.3 |
| 2017-03-23 | CVE-2016-10255 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Elfutils Project Elfutils The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure. | 5.5 |
| 2017-03-23 | CVE-2016-10254 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Elfutils Project Elfutils The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. | 5.5 |
| 2014-04-11 | CVE-2014-0172 | Numeric Errors vulnerability in Elfutils Project Elfutils Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow. | 6.8 |