CVE-2019-7664

Name
CVE-2019-7664
Description
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://sourceware.org/bugzilla/show_bug.cgi?id=24084
REDHAT https://access.redhat.com/errata/RHSA-2019:2197
REDHAT https://access.redhat.com/errata/RHSA-2019:3575

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:elfutils_project:elfutils:0.175:*:*:*:*:*:*:* elfutils == None == 0.175

Vulnerable and fixed packages

Source package Branch Version Maintainer Status