Lucene search

Veracode Vulnerability DatabaseVERACODE:21150

HistoryAug 08, 2019 - 12:07 a.m.

Denial Of Service (DoS)

2019-08-0800:07:56

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.002 Low

EPSS

Percentile

53.2%

JSON

elfutils is vulnerable to denial of service (DoS). It is due to an Out of bound write in elf_cvt_note in libelf/note_xlate.h.

CPENameOperatorVersion
elfutilseq0.170__4.el7
elfutilseq0.172__2.el7
elfutilseq0.174__6.el8
elfutilseq0.170__4.el7
elfutilseq0.172__2.el7
elfutilseq0.174__6.el8

Name	Operator	Version
elfutils	eq	0.170__4.el7
elfutils	eq	0.172__2.el7
elfutils	eq	0.174__6.el8
elfutils	eq	0.170__4.el7
elfutils	eq	0.172__2.el7
elfutils	eq	0.174__6.el8

References

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.7_release_notes/index

access.redhat.com/errata/RHSA-2019:2197

access.redhat.com/errata/RHSA-2019:3575

access.redhat.com/security/updates/classification/#low

bugzilla.redhat.com/show_bug.cgi?id=1704754

sourceware.org/bugzilla/show_bug.cgi?id=24084

0.002 Low

EPSS

Percentile

53.2%

JSON

Related for VERACODE:21150