Bug 159908 - CVE-2005-1704 Integer overflow in libelf
Summary: CVE-2005-1704 Integer overflow in libelf
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: elfutils
Version: 3.0
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Roland McGrath
Whiteboard: impact=low,public=20050525,reported=2...
Keywords: Security
Depends On: 159888
Blocks: RHEL3U8CanFix
Reported: 2005-06-09 00:39 UTC by Roland McGrath
Modified: 2007-11-30 22:07 UTC
Last Closed: 2006-07-20 12:51:33 UTC


External Trackers
Tracker: Red Hat Product Errata
ID: RHSA-2006:0368
Priority: normal
Status: SHIPPED_LIVE
Summary: Low: elfutils security update
Last Updated: 2006-07-20 12:51:00 UTC

Description Roland McGrath 2005-06-09 00:39:26 UTC
+++ This bug was initially created as a clone of Bug #159888 +++

Integer overflow in libelf allows attackers to execute arbitrary code via a
crafted object file that specifies a large number of section headers, leading
to a heap-based buffer overflow.

Comment 5 Roland McGrath 2006-04-18 18:01:43 UTC
Fixes are in 0.94.1-1 build.

Comment 9 Red Hat Bugzilla 2006-07-20 12:51:34 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0368.html


