elfutils vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary
elfutils could be made to crash or consume resources if it opened a specially crafted file.
Software Description
- elfutils - collection of utilities to handle ELF objects
Details
Agostino Sarubbo discovered that elfutils incorrectly handled certain malformed ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, elfutils could be made to crash or consume resources, resulting in a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
- Ubuntu 16.04 LTS
- elfutils - 0.165-3ubuntu1.1
- libasm1 - 0.165-3ubuntu1.1
- libdw1 - 0.165-3ubuntu1.1
- libelf1 - 0.165-3ubuntu1.1
- Ubuntu 14.04 LTS
- elfutils - 0.158-0ubuntu5.3
- libasm1 - 0.158-0ubuntu5.3
- libdw1 - 0.158-0ubuntu5.3
- libelf1 - 0.158-0ubuntu5.3
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.
References
- CVE-2016-10254
- CVE-2016-10255
- CVE-2017-7607
- CVE-2017-7608
- CVE-2017-7609
- CVE-2017-7610
- CVE-2017-7611
- CVE-2017-7612
- CVE-2017-7613
from Ubuntu Security Notices https://ift.tt/2Hmw7DR
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.