Wind River Support Network


LIN8-9927 : Security Advisory - elfutils - CVE-2018-18310

Created: Oct 29, 2018    Updated: Dec 10, 2018
Resolved Date: Nov 6, 2018
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace


A vulnerability in the libdwfl library of elfutils could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability exists in the dwfl_segment_report_module.c source code file in the libdwfl library of the affected software and is due to improper handling of Executable and Linkable Format (ELF) files. An attacker could exploit this vulnerability by sending an ELF file that submits malicious input to the targeted system and by executing the eu-stack command. A successful exploit could trigger a segmentation fault and cause the affected application to crash, resulting in a DoS condition.

Other Downloads


Live chat