Vulnerabilities > Elfutils Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-23 CVE-2016-10255 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Elfutils Project Elfutils
The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure.
local
low complexity
elfutils-project CWE-119
5.5
5.5
2017-03-23 CVE-2016-10254 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Elfutils Project Elfutils
The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure.
local
low complexity
elfutils-project CWE-119
5.5
5.5