ID CVE-2014-0172
Summary Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:elfutils_project:elfutils:0.153:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.153:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.154:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.154:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.155:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.155:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.156:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.156:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.157:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.157:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.158:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.158:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 01-07-2017 - 01:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 1077154
title please backport upstream testcase libdwfl: test dwflsyms to the rhel rpm
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 7 Client is installed
      oval oval:com.redhat.rhba:tst:20150364001
    • comment Red Hat Enterprise Linux 7 Server is installed
      oval oval:com.redhat.rhba:tst:20150364002
    • comment Red Hat Enterprise Linux 7 Workstation is installed
      oval oval:com.redhat.rhba:tst:20150364003
    • comment Red Hat Enterprise Linux 7 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20150364004
  • OR
    • AND
      • comment elfutils is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369005
      • comment elfutils is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369006
    • AND
      • comment elfutils-devel is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369017
      • comment elfutils-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369018
    • AND
      • comment elfutils-devel-static is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369009
      • comment elfutils-devel-static is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369010
    • AND
      • comment elfutils-libelf is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369013
      • comment elfutils-libelf is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369014
    • AND
      • comment elfutils-libelf-devel is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369015
      • comment elfutils-libelf-devel is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369016
    • AND
      • comment elfutils-libelf-devel-static is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369011
      • comment elfutils-libelf-devel-static is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369012
    • AND
      • comment elfutils-libs is earlier than 0:0.160-1.el7
        oval oval:com.redhat.rhea:tst:20150369007
      • comment elfutils-libs is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhea:tst:20150369008
rhsa
released 2015-03-05
severity None
title RHEA-2015:0369: elfutils bug fix and enhancement update (None)
rpms
  • elfutils-0:0.160-1.el7
  • elfutils-devel-0:0.160-1.el7
  • elfutils-devel-static-0:0.160-1.el7
  • elfutils-libelf-0:0.160-1.el7
  • elfutils-libelf-devel-0:0.160-1.el7
  • elfutils-libelf-devel-static-0:0.160-1.el7
  • elfutils-libs-0:0.160-1.el7
refmap via4
bid 66714
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1085663
gentoo GLSA-201612-32
mlist
  • [elfutils-devel] 20140409 [PATCH] CVE-2014-0172 Check for overflow before calling malloc to uncompress data.
  • [oss-security] 20140409 Heap-based buffer overflow in libdw/elfutils (CVE-2014-0172)
ubuntu USN-2188-1
vulnerable_product via4
  • cpe:2.3:a:elfutils_project:elfutils:0.153:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.154:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.155:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.156:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.157:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.158:*:*:*:*:*:*:*
Last major update 01-07-2017 - 01:29
Published 11-04-2014 - 15:55
Back to Top