OpenSUSE Linux update for elfutils
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 15 |
| CVE-ID | CVE-2017-7607 CVE-2017-7608 CVE-2017-7609 CVE-2017-7610 CVE-2017-7611 CVE-2017-7612 CVE-2017-7613 CVE-2018-16062 CVE-2018-16402 CVE-2018-16403 CVE-2018-18310 CVE-2018-18520 CVE-2018-18521 CVE-2019-7150 CVE-2019-7665 |
| CWE-ID | CWE-122 CWE-119 CWE-125 CWE-415 CWE-20 CWE-476 CWE-369 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #1 is available. Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available. Public exploit code for vulnerability #4 is available. Public exploit code for vulnerability #5 is available. Public exploit code for vulnerability #6 is available. Public exploit code for vulnerability #7 is available. Public exploit code for vulnerability #11 is available. Public exploit code for vulnerability #12 is available. Public exploit code for vulnerability #13 is available. Public exploit code for vulnerability #14 is available. Public exploit code for vulnerability #15 is available. |
| Vulnerable software Subscribe |
Opensuse Operating systems & Components / Operating system |
| Vendor | SUSE |
Security Bulletin
This security bulletin contains information about 15 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU13240
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7607
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the handle_gnu_hash function of elfutils due to heap-based buffer overflow when handling of Executable and Linkable Format (ELF) files by the handle_gnu_hash function, as defined in the readelf.c source code file. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
2) Heap-based buffer overflow
EUVDB-ID: #VU13239
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7608
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the ebl_object_note_type_name function of elfutils due to heap-based buffer overflow when handling Executable and Linkable Format (ELF) files by the ebl_object_note_type_namefunction, as defined in the eblobjnotetypename.c source code file. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Memory corruption
EUVDB-ID: #VU13238
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7609
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the elf_compress.c source code of elfutils due to improper validation of the zlib compression factor before the affected software allocates the output buffer. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
4) Heap-based buffer overflow
EUVDB-ID: #VU13245
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7610
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the check_group function of elfutils due to heap-based buffer overflow when handling of Executable and Linkable Format (ELF) files by the check_group function, as defined in the elflint.c source code file. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
5) Heap-based buffer overflow
EUVDB-ID: #VU13244
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7611
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the check_symtab_shndx function of elfutils due to heap-based buffer overflow when handling of Executable and Linkable Format (ELF) files by the check_symtab_shndxfunction, as defined in the elflint.c source code file. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
6) Heap-based buffer overflow
EUVDB-ID: #VU13243
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7612
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the check_sysv_hash function of elfutils due to heap-based buffer overflow when handling of Executable and Linkable Format (ELF) files by the check_sysv_hash function, as defined in the elflint.c source code file. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
7) Memory corruption
EUVDB-ID: #VU13242
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7613
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the elflint.c source code of elfutils due to boundary error when sanitization checks of the number of eshnum sections and ephnum segments. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger memory corruption and cause the application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
8) Out-of-bounds read
EUVDB-ID: #VU31220
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16062
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18. A remote attacker can perform a denial of service (heap-based buffer over-read) via a crafted file.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Double Free
EUVDB-ID: #VU36733
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16402
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Out-of-bounds read
EUVDB-ID: #VU36734
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-16403
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Segmentation fault
EUVDB-ID: #VU15371
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:U/RC:C]
CVE-ID: CVE-2018-18310
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition on the target system.
The vulnerability exists in the dwfl_segment_report_module.c source code file in the libdwfl library due to improper handling of Executable and Linkable Format (ELF) files. A local attacker can send an ELF file that submits malicious input, execute the eu-stack command, trigger a segmentation fault and cause the affected application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
12) Null pointer dereference
EUVDB-ID: #VU15528
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-18520
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to due to improper handling of Executable and Linkable Format (ELF) files by the elf_end function, as defined in the size.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger NULL pointer dereference and cause application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
13) Divide by zero
EUVDB-ID: #VU15527
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2018-18521
CWE-ID:
CWE-369 - Divide By Zero
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to due to improper handling of Executable and Linkable Format (ELF) files by the arlib_add_symbols function, as defined in the arlib.c source code file. A remote attacker can trick the victim into opening a specially crafted ELF file that submits malicious input, trigger a divide-by-zero condition and cause application to crash.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
14) Segmentation fault
EUVDB-ID: #VU17325
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-7150
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient sanitization of user-supplied input by the elf64_xlatetom function as defined in the libelf/elf32_xlatetom.c source code file. A remote attacker can trick the victim into opening a specially crafted file that submits malicious input, trigger a segmentation fault and cause the affected application to crash, resulting in a DoS condition.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
15) Segmentation fault
EUVDB-ID: #VU17718
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2019-7665
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the ebl_core_note function due to improper check if the values of a NT_PLATFORM core file note is a zero-terminated string. A remote attacker can trick the victim into opening an Executable and Linkable Format (ELF) file that submits malicious input, trigger a segmentation fault that causes the affected application to crash, resulting in a DoS condition.
MitigationUpdate the affected packages.
Opensuse: 15.0 - 15.1
External linkshttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
