elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7609