First published: Tue Jan 29 2019(Updated: )
A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by eu-nm.
Credit: cve@mitre.org cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Elfutils Project Elfutils | =0.175 | |
Debian Debian Linux | =8.0 | |
debian/elfutils | 0.183-1 0.188-2.1 0.192-4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.