Home CVE Database CVE-2018-16403

CVE-2018-16403

Description

libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.

Priority: MEDIUM
CVSS v3: 5.5
Publish Date: Sep 3, 2018
Related ID: --
CVSS v2: MEDIUM
Modified Date: Sep 3, 2018

Find out more about CVE-2018-16403 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

elfutils

Live chat
Online