Computer Security
[EN] securityvulns.ru no-pyccku


elfutils libdw memory corruption
Published:01.05.2014
Source:
SecurityVulns ID:13693
Type:library
Threat Level:
5/10
Description:Memory corruption on ELF parsing.
Affected:ELFUTILS : elfutils 0.158
CVE:CVE-2014-0172 (Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow.)
Original documentdocumentUBUNTU, [USN-2188-1] elfutils vulnerability (01.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod