Elfutils
CVE-2019-7664
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
AnalysisAI
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash). Affected products include: Elfutils Project Elfutils, Redhat Enterprise Linux, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus, Redhat Enterprise Linux Server.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application cra
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfu
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Rated medium
elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote att
The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-b
The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-b
The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based
The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a deni
The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (hea
elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today