This page lists publicly disclosed CVE vulnerabilities affecting elfutils_project elfutils (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-16062 | dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | [email protected] | 5.5 | 1.73% | 2018-08-28 | 2026-06-16 |
| CVE-2018-8769 | elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported. | [email protected] | 7.8 | 0.85% | 2018-03-18 | 2026-06-16 |
| CVE-2017-7613 | elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | [email protected] | 5.5 | 1.70% | 2017-04-09 | 2026-06-16 |
| CVE-2017-7612 | The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | [email protected] | 5.5 | 1.75% | 2017-04-09 | 2026-06-16 |
| CVE-2017-7611 | The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | [email protected] | 5.5 | 1.76% | 2017-04-09 | 2026-06-16 |
| CVE-2017-7610 | The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | [email protected] | 5.5 | 1.75% | 2017-04-09 | 2026-06-16 |
| CVE-2017-7609 | elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | [email protected] | 5.5 | 1.64% | 2017-04-09 | 2026-06-16 |
| CVE-2017-7608 | The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | [email protected] | 5.5 | 2.13% | 2017-04-09 | 2026-06-16 |
| CVE-2017-7607 | The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. | [email protected] | 5.5 | 1.70% | 2017-04-09 | 2026-06-16 |
| CVE-2016-10255 | The __libelf_set_rawdata_wrlock function in elf_getdata.c in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted (1) sh_off or (2) sh_size ELF header value, which triggers a memory allocation failure. | [email protected] | 5.5 | 1.65% | 2017-03-23 | 2026-06-16 |
| CVE-2016-10254 | The allocate_elf function in common.h in elfutils before 0.168 allows remote attackers to cause a denial of service (crash) via a crafted ELF file, which triggers a memory allocation failure. | [email protected] | 5.5 | 1.57% | 2017-03-23 | 2026-06-16 |
| CVE-2014-9447 | Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a / (slash) in a crafted archive, as demonstrated using the ar program. | [email protected] | 6.4 | 5.02% | 2015-01-02 | 2026-06-16 |
| CVE-2014-0172 | Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow. | [email protected] | 6.8 | 4.03% | 2014-04-11 | 2026-06-16 |