CVE-2018-18521 - Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allo

CVE-2018-18521

Summary

Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled.

References

Vulnerable Configurations

cpe:2.3:a:elfutils_project:elfutils:0.174:*:*:*:*:*:*:*
cpe:2.3:a:elfutils_project:elfutils:0.174:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 30-11-2021 - 21:59)
Impact:
Exploitability:

CWE

CWE-369

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:N/A:P

redhat via4

advisories

rhsa

id	RHSA-2019:2197

rpms

elfutils-0:0.176-2.el7
elfutils-debuginfo-0:0.176-2.el7
elfutils-default-yama-scope-0:0.176-2.el7
elfutils-devel-0:0.176-2.el7
elfutils-devel-static-0:0.176-2.el7
elfutils-libelf-0:0.176-2.el7
elfutils-libelf-devel-0:0.176-2.el7
elfutils-libelf-devel-static-0:0.176-2.el7
elfutils-libs-0:0.176-2.el7

refmap via4

misc	https://sourceware.org/bugzilla/show_bug.cgi?id=23786 https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
mlist	[debian-lts-announce] 20190225 [SECURITY] [DLA 1689-1] elfutils security update
suse	openSUSE-SU-2019:1590
ubuntu	USN-4012-1

Last major update

30-11-2021 - 21:59

Published

19-10-2018 - 17:29

Last modified

30-11-2021 - 21:59