Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2019:2197
HistoryAug 06, 2019 - 8:12 a.m.

(RHSA-2019:2197) Low: elfutils security, bug fix, and enhancement update

2019-08-0608:12:18
access.redhat.com
319

0.01 Low

EPSS

Percentile

83.6%

JSON

The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code.

The following packages have been upgraded to a later upstream version: elfutils (0.176). (BZ#1676504)

Security Fix(es):

  • elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file (CVE-2018-16062)

  • elfutils: Double-free due to double decompression of sections in crafted ELF causes crash (CVE-2018-16402)

  • elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash (CVE-2018-16403)

  • elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl (CVE-2018-18310)

  • elfutils: eu-size cannot handle recursive ar files (CVE-2018-18520)

  • elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c (CVE-2018-18521)

  • elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw (CVE-2019-7149)

  • elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c (CVE-2019-7150)

  • elfutils: Out of bound write in elf_cvt_note in libelf/note_xlate.h (CVE-2019-7664)

  • elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c (CVE-2019-7665)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7ppc64leelfutils-libelf< 0.176-2.el7elfutils-libelf-0.176-2.el7.ppc64le.rpm
RedHat7ppcelfutils-libelf-devel-static< 0.176-2.el7elfutils-libelf-devel-static-0.176-2.el7.ppc.rpm
RedHat7s390elfutils-devel-static< 0.176-2.el7elfutils-devel-static-0.176-2.el7.s390.rpm
RedHat7s390xelfutils-libelf-devel-static< 0.176-2.el7elfutils-libelf-devel-static-0.176-2.el7.s390x.rpm
RedHat7ppc64elfutils-libelf-devel< 0.176-2.el7elfutils-libelf-devel-0.176-2.el7.ppc64.rpm
RedHat7x86_64elfutils-libelf< 0.176-2.el7elfutils-libelf-0.176-2.el7.x86_64.rpm
RedHat7x86_64elfutils-debuginfo< 0.176-2.el7elfutils-debuginfo-0.176-2.el7.x86_64.rpm
RedHat7ppcelfutils-libs< 0.176-2.el7elfutils-libs-0.176-2.el7.ppc.rpm
RedHat7ppc64leelfutils-devel< 0.176-2.el7elfutils-devel-0.176-2.el7.ppc64le.rpm
RedHat7s390elfutils-devel< 0.176-2.el7elfutils-devel-0.176-2.el7.s390.rpm
Rows per page:
1-10 of 541

Related

nessus 49
ubuntu 2
openvas 27
cloudfoundry 1
f5 1
amazon 1
centos 1
oraclelinux 2
fedora 5
debian 2
osv 13
mageia 1
archlinux 2
suse 3
redhat 2
photon 2
ibm 1
nvd 10
ubuntucve 9
redhatcve 10
veracode 10
prion 9
debiancve 10
cve 9
cvelist 10
alpinelinux 7
nessus
nessus
Oracle Linux 7 : elfutils (ELSA-2019-2197)
2023-09-07 00:00:00
RHEL 7 : elfutils (RHSA-2019:2197)
2019-08-12 00:00:00
Amazon Linux 2 : elfutils (ALAS-2019-1337)
2019-10-25 00:00:00
ubuntu
ubuntu
elfutils vulnerabilities
2019-06-10 00:00:00
elfutils vulnerabilities
2023-08-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4012-1)
2019-06-11 00:00:00
Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-2141)
2020-01-23 00:00:00
Debian: Security Advisory (DLA-2802-1)
2021-11-01 00:00:00
cloudfoundry
cloudfoundry
USN-4012-1: elfutils vulnerabilities | Cloud Foundry
2019-06-18 00:00:00
f5
f5
K21426934 : Multiple elfutils vulnerabilities
2022-04-25 00:00:00
amazon
amazon
Low: elfutils
2019-10-21 18:01:00
centos
centos
elfutils security update
2019-08-30 02:43:56
oraclelinux
oraclelinux
elfutils security, bug fix, and enhancement update
2019-08-13 00:00:00
elfutils security, bug fix, and enhancement update
2019-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: elfutils-0.174-5.fc28
2018-11-21 03:14:18
[SECURITY] Fedora 29 Update: elfutils-0.176-1.fc29
2019-02-18 02:05:55
[SECURITY] Fedora 29 Update: elfutils-0.174-1.fc29
2018-09-30 23:27:45
debian
debian
[SECURITY] [DLA 2802-1] elfutils security update
2021-10-30 21:53:24
[SECURITY] [DLA 1689-1] elfutils security update
2019-02-25 21:35:38
osv
osv
elfutils - security update
2021-10-30 00:00:00
elfutils vulnerabilities
2023-08-30 16:29:23
elfutils - security update
2019-02-25 00:00:00
mageia
mageia
Updated elfutils packages fix security vulnerabilities
2019-08-18 15:39:41
archlinux
archlinux
[ASA-201901-3] elfutils: denial of service
2019-01-08 00:00:00
[ASA-201903-9] libelf: denial of service
2019-03-18 00:00:00
suse
suse
Security update for dwarves and elfutils (moderate)
2022-09-01 00:00:00
Security update for elfutils (moderate)
2019-06-20 00:00:00
Security update for dwarves and elfutils (moderate)
2022-08-01 00:00:00
redhat
redhat
(RHSA-2019:3575) Low: elfutils security, bug fix, and enhancement update
2019-11-05 18:02:56
(RHSA-2020:1471) Low: elfutils security update
2020-04-14 14:34:38
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0226
2019-04-22 00:00:00
Important Photon OS Security Update - PHSA-2019-0226
2019-04-22 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities affect Intel® Manycore Platform Software Stack (Intel® MPSS) for Linux and Windows
2019-02-25 20:40:02
nvd
nvd
CVE-2018-16402
2018-09-03 19:29:00
CVE-2019-7664
2019-02-09 16:29:00
CVE-2018-18310
2018-10-15 02:29:00
ubuntucve
ubuntucve
CVE-2018-16402
2018-09-03 00:00:00
CVE-2019-7664
2019-02-09 00:00:00
CVE-2018-18521
2018-10-19 00:00:00
redhatcve
redhatcve
CVE-2019-7664
2019-10-12 02:22:30
CVE-2018-18310
2018-10-24 19:49:58
CVE-2018-18521
2018-11-05 15:49:09
veracode
veracode
Denial Of Service (DoS)
2019-08-08 00:07:56
Denial Of Service (DoS)
2019-08-08 00:07:56
Denial Of Service (DoS)
2019-08-08 00:07:56
prion
prion
Buffer overflow
2019-02-09 16:29:00
Input validation
2018-10-19 17:29:00
Heap overflow
2018-08-29 03:29:00
debiancve
debiancve
CVE-2019-7664
2019-02-09 16:29:00
CVE-2018-16402
2018-09-03 19:29:00
CVE-2018-16403
2018-09-03 19:29:00
cve
cve
CVE-2019-7664
2019-02-09 16:29:00
CVE-2018-18310
2018-10-15 02:29:00
CVE-2018-16402
2018-09-03 19:29:00
cvelist
cvelist
CVE-2019-7664
2019-02-09 16:00:00
CVE-2018-16402
2018-09-03 19:00:00
CVE-2018-16403
2018-09-03 19:00:00
alpinelinux
alpinelinux
CVE-2019-7664
2019-02-09 16:29:00
CVE-2018-16062
2018-08-29 03:29:00
CVE-2018-18310
2018-10-15 02:29:00

0.01 Low

EPSS

Percentile

83.6%

JSON
Related for RHSA-2019:2197
nessus49ubuntu2openvas27cloudfoundry1f51amazon1centos1oraclelinux2fedora5debian2osv13mageia1archlinux2suse3redhat2photon2ibm1nvd10ubuntucve9redhatcve10veracode10prion9debiancve10cve9cvelist10alpinelinux7