Wind River Support Network


LIN1018-2780 : Security Advisory - elfutils - CVE-2018-18310

Created: Oct 29, 2018    Updated: Sep 13, 2022
Resolved Date: Feb 20, 2019
Found In Version: unknown
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 18
Component/s: Userspace


A vulnerability in the libdwfl library of elfutils could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability exists in the dwfl_segment_report_module.c source code file in the libdwfl library of the affected software and is due to improper handling of Executable and Linkable Format (ELF) files. An attacker could exploit this vulnerability by sending an ELF file that submits malicious input to the targeted system and by executing the eu-stack command. A successful exploit could trigger a segmentation fault and cause the affected application to crash, resulting in a DoS condition.


Live chat