Information on source package elfutils

Available versions

ReleaseVersion
jessie0.159-4.2+deb8u2
stretch0.168-1+deb9u2
stretch (security)0.168-1+deb9u1
buster0.176-1.1+deb10u1
bullseye0.183-1
bookworm0.188-2.1
trixie0.192-4
sid0.192-4

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2019-7149fixedvulnerable (no DSA)fixedfixedfixedfixedfixedA heap-based buffer over-read was discovered in the function read_srcl ...
CVE-2018-16403vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedfixedfixedlibdw in elfutils 0.173 checks the end of the attributes list incorrec ...
CVE-2016-10255vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils ...
CVE-2016-10254vulnerable (no DSA)fixedfixedfixedfixedfixedfixedThe allocate_elf function in common.h in elfutils before 0.168 allows ...

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2024-25260vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableelfutils v0.189 was discovered to contain a NULL pointer dereference v ...
CVE-2021-33294vulnerablevulnerablevulnerablevulnerablefixedfixedfixedIn elfutils 0.183, an infinite loop was found in the function handle_s ...
CVE-2019-7148vulnerablevulnerablefixedfixedfixedfixedfixedAn attempted excessive memory allocation was discovered in the functio ...

Resolved issues

BugDescription
CVE-2020-21047The libcpu component which is used by libasm of elfutils version 0.177 ...
CVE-2019-7665In elfutils 0.175, a heap-based buffer over-read was discovered in the ...
CVE-2019-7664In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_not ...
CVE-2019-7150An issue was discovered in elfutils 0.175. A segmentation fault can oc ...
CVE-2019-7146In elfutils 0.175, there is a buffer over-read in the ebl_object_note ...
CVE-2018-18521Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...
CVE-2018-18520An Invalid Memory Address Dereference exists in the function elf_end i ...
CVE-2018-18310An invalid memory address dereference was discovered in dwfl_segment_r ...
CVE-2018-16402libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a ...
CVE-2018-16062dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 201 ...
CVE-2018-8769elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name func ...
CVE-2017-7613elflint.c in elfutils 0.168 does not validate the number of sections a ...
CVE-2017-7612The check_sysv_hash function in elflint.c in elfutils 0.168 allows rem ...
CVE-2017-7611The check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...
CVE-2017-7610The check_group function in elflint.c in elfutils 0.168 allows remote ...
CVE-2017-7609elf_compress.c in elfutils 0.168 does not validate the zlib compressio ...
CVE-2017-7608The ebl_object_note_type_name function in eblobjnotetypename.c in elfu ...
CVE-2017-7607The handle_gnu_hash function in readelf.c in elfutils 0.168 allows rem ...
CVE-2014-9447Directory traversal vulnerability in the read_long_names function in l ...
CVE-2014-0172Integer overflow in the check_section function in dwarf_begin_elf.c in ...

Security announcements

DSA / DLADescription
ELA-962-1elfutils - security update
DLA-3579-1elfutils - security update
DLA-2802-1elfutils - security update
DLA-1689-1elfutils - security update
ELA-85-1elfutils - security update

Search for package or bug name: Reporting problems