SB2018102510 - Denial of service vulnerabilities in elfutils

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Divide by zero (CVE-ID: CVE-2018-18521)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to due to improper handling of Executable and Linkable Format (ELF) files by the arlib_add_symbols function, as defined in the arlib.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger a divide-by-zero condition and cause application to crash.

2) Null pointer dereference (CVE-ID: CVE-2018-18520)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to due to improper handling of Executable and Linkable Format (ELF) files by the elf_end function, as defined in the size.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger NULL pointer dereference and cause application to crash.

Remediation

Install update from vendor's website.

References

• https://sourceware.org/bugzilla/show_bug.cgi?id=23786
• https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
• https://sourceware.org/bugzilla/show_bug.cgi?id=23787
• https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html