ID CVE-2014-0172
Summary Integer overflow in the check_section function in dwarf_begin_elf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed compressed debug section in an ELF file, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:elfutils_project:elfutils:0.153:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.153:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.154:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.154:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.155:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.155:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.156:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.156:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.157:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.157:*:*:*:*:*:*:*
  • cpe:2.3:a:elfutils_project:elfutils:0.158:*:*:*:*:*:*:*
    cpe:2.3:a:elfutils_project:elfutils:0.158:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 01-07-2017 - 01:29)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
bugzilla
id 1077154
title please backport upstream testcase libdwfl: test dwflsyms to the rhel rpm
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment elfutils is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369001
        • comment elfutils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369002
      • AND
        • comment elfutils-devel is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369003
        • comment elfutils-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369004
      • AND
        • comment elfutils-devel-static is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369005
        • comment elfutils-devel-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369006
      • AND
        • comment elfutils-libelf is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369007
        • comment elfutils-libelf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369008
      • AND
        • comment elfutils-libelf-devel is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369009
        • comment elfutils-libelf-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369010
      • AND
        • comment elfutils-libelf-devel-static is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369011
        • comment elfutils-libelf-devel-static is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369012
      • AND
        • comment elfutils-libs is earlier than 0:0.160-1.el7
          oval oval:com.redhat.rhea:tst:20150369013
        • comment elfutils-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhea:tst:20150369014
rhsa
id RHEA-2015:0369
released 2015-03-05
severity Moderate
title RHEA-2015:0369: elfutils bug fix and enhancement update (Moderate)
rpms
  • elfutils-0:0.160-1.el7
  • elfutils-debuginfo-0:0.160-1.el7
  • elfutils-devel-0:0.160-1.el7
  • elfutils-devel-static-0:0.160-1.el7
  • elfutils-libelf-0:0.160-1.el7
  • elfutils-libelf-devel-0:0.160-1.el7
  • elfutils-libelf-devel-static-0:0.160-1.el7
  • elfutils-libs-0:0.160-1.el7
refmap via4
bid 66714
confirm https://bugzilla.redhat.com/show_bug.cgi?id=1085663
gentoo GLSA-201612-32
mlist
  • [elfutils-devel] 20140409 [PATCH] CVE-2014-0172 Check for overflow before calling malloc to uncompress data.
  • [oss-security] 20140409 Heap-based buffer overflow in libdw/elfutils (CVE-2014-0172)
ubuntu USN-2188-1
Last major update 01-07-2017 - 01:29
Published 11-04-2014 - 15:55
Last modified 01-07-2017 - 01:29
Back to Top