CVE-2014-0172

Priority
Description
Integer overflow in the check_section function in dwarf_begin_elf.c in the
libdw library, as used in elfutils 0.153 and possibly through 0.158 allows
remote attackers to cause a denial of service (application crash) or
possibly execute arbitrary code via a malformed compressed debug section in
an ELF file, which triggers a heap-based buffer overflow.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):released (0.158-0ubuntu5.1)
Patches:
Upstream:https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=7f1eec317db79627b473c5b149a22a1b20d1f68f
More Information

Updated: 2020-03-18 22:14:34 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)