Double Free in elfutils

#VU36733 Double Free in elfutils

Cybersecurity Help s.r.o.

Published: 2018-09-03 | Updated: 2020-08-08

Vulnerability identifier: #VU36733

Vulnerability risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-16402

CWE-ID: CWE-415

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
elfutils
Server applications / File servers (FTP/HTTP)

Vendor: Sourceware

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.

Mitigation
Install update from vendor's website.

Vulnerable software versions

elfutils: 0.173

External links
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html
http://access.redhat.com/errata/RHSA-2019:2197
http://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
http://sourceware.org/bugzilla/show_bug.cgi?id=23528
http://usn.ubuntu.com/4012-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for dwarves and elfutils

Red Hat Enterprise Linux 7.6 Extended Update Support update for elfutils

Red Hat Enterprise Linux 7 update for elfutils

OpenSUSE Linux update for elfutils

Multiple vulnerabilities in Sourceware elfutils