Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers believe this is not a real issue, but instead a "warning caused by ASAN because the allocation is big. By setting ASAN_OPTIONS=allocator_may_return_null=1 and running the reproducer, nothing happens."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
elfutils libelf 缓冲区错误漏洞
Vulnerability Description
elfutils是一套用于读取、创建和修改ELF二进制文件的实用程序和库的集合。libelf是一个用于解析ELF格式的二进制文件并与之交互的库。 elfutils 0.174版本中的libelf的elf_begin.c文件的‘read_long_names’函数存在缓冲区错误漏洞。远程攻击者可借助特制的elf输入利用该漏洞造成拒绝服务(内存不足异常)。
CVSS Information
N/A
Vulnerability Type
N/A