Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Micro 5.2 package elfutils, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (19)
CVE-2018-16402 — CVSS 9.8 (critical): libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly…
CVE-2019-7149 — CVSS 6.5 (medium): A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted…
CVE-2018-18520 — CVSS 6.5 (medium): An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to…
CVE-2019-7148 — CVSS 6.5 (medium): An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote…
CVE-2017-7611 — CVSS 5.5 (medium): The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2017-7612 — CVSS 5.5 (medium): The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2017-7613 — CVSS 5.5 (medium): elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a…
CVE-2018-16062 — CVSS 5.5 (medium): dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service…
CVE-2018-16403 — CVSS 5.5 (medium): libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in…
CVE-2018-18310 — CVSS 5.5 (medium): An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The…
CVE-2018-18521 — CVSS 5.5 (medium): Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of…
CVE-2019-7146 — CVSS 5.5 (medium): In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage…
CVE-2019-7150 — CVSS 5.5 (medium): An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to…
CVE-2019-7664 — CVSS 5.5 (medium): In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check…
CVE-2017-7607 — CVSS 5.5 (medium): The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer…
CVE-2019-7665 — CVSS 5.5 (medium): In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF…
CVE-2017-7608 — CVSS 5.5 (medium): The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service…
CVE-2017-7609 — CVSS 5.5 (medium): elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service…
CVE-2017-7610 — CVSS 5.5 (medium): The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read…