← volver
CVE-2019-7150

CVE-2019-7150

EPSS 1.4%
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to denial-of-service, as demonstrated by eu-stack.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.htmlhttps://access.redhat.com/errata/RHSA-2019:2197https://access.redhat.com/errata/RHSA-2019:3575https://lists.debian.org/debian-lts-announce/2019/02/msg00036.htmlhttps://lists.debian.org/debian-lts-announce/2021/10/msg00030.htmlhttps://sourceware.org/bugzilla/show_bug.cgi?id=24103https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.htmlhttps://usn.ubuntu.com/4012-1/