Bug 1033085 - (CVE-2017-7608) VUL-1: CVE-2017-7608: elfutils: denial of service (heap-based buffer over-read and application crash) via a crafted ELF file
(CVE-2017-7608)
VUL-1: CVE-2017-7608: elfutils: denial of service (heap-based buffer over-rea...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Normal
: ---
Assigned To: Martin Liška
Security Team bot
https://smash.suse.de/issue/183198/
CVSSv2:SUSE:CVE-2017-7608:1.9:(AV:L/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-04-09 18:39 UTC by Mikhail Kasimov
Modified: 2022-09-01 15:33 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2017-04-09 18:39:26 UTC
Ref: https://nvd.nist.gov/vuln/detail/CVE-2017-7608
===================================================
Description

The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file.

Source:  MITRE      Last Modified:  04/09/2017
===================================================

Hyperlink:

[1] https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c

[1]:
===================================================
elfutils: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c)
Posted on April 3, 2017 by ago	

Description:
elfutils is a set of libraries/utilities to handle ELF objects (drop in replacement for libelf).

A fuzz on eu-readelf showed an heap overflow. Will follow a feedback from upstream:

    Nice find. The issue is with notes that have a zero sized name (and also no descriptor data at the end of a note section).

    “The system reserves note information with no name (namesz==0) and with a zero-length name (name[0]==’\0′) but currently defines no types. All other names must have at least one non-null character.”

    So we must explicitly check for namesz == 0 before using the name data in the note.

The complete ASan output:

# eu-readelf -a $FILE
==29866==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000ef9c at pc 0x7f910ac17150 bp 0x7fff92f7ed90 sp 0x7fff92f7e540
READ of size 1 at 0x60200000ef9c thread T0
    #0 0x7f910ac1714f  (/usr/lib/gcc/x86_64-pc-linux-gnu/6.3.0/libasan.so.3+0x4514f)
    #1 0x4f63a7 in ebl_object_note_type_name /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libebl/eblobjnotetypename.c:48
    #2 0x461251 in handle_notes_data /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:9372
    #3 0x47209d in handle_notes /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:9455
    #4 0x47209d in process_elf_file /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:916
    #5 0x47ae65 in process_dwflmod /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:690
    #6 0x7f910a730094 in dwfl_getmodules /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libdwfl/dwfl_getmodules.c:82
    #7 0x4365f2 in process_file /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:789
    #8 0x405e50 in main /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:305
    #9 0x7f9108d4e78f in __libc_start_main (/lib64/libc.so.6+0x2078f)
    #10 0x406cd8 in _start (/usr/bin/eu-readelf+0x406cd8)

0x60200000ef9c is located 0 bytes to the right of 12-byte region [0x60200000ef90,0x60200000ef9c)
allocated by thread T0 here:
    #0 0x7f910ac94288 in malloc (/usr/lib/gcc/x86_64-pc-linux-gnu/6.3.0/libasan.so.3+0xc2288)
    #1 0x7f910a10af48 in convert_data /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libelf/elf_getdata.c:166
    #2 0x7f910a10af48 in __libelf_set_data_list_rdlock /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libelf/elf_getdata.c:434
    #3 0x7f910a10c9ba in __elf_getdata_rdlock /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libelf/elf_getdata.c:541
    #4 0x7f910a10ccae in elf_getdata /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libelf/elf_getdata.c:559
    #5 0x471fe7 in handle_notes /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:9455
    #6 0x471fe7 in process_elf_file /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:916
    #7 0x47ae65 in process_dwflmod /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:690
    #8 0x7f910a730094 in dwfl_getmodules /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/libdwfl/dwfl_getmodules.c:82
    #9 0x4365f2 in process_file /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:789
    #10 0x405e50 in main /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:305
    #11 0x7f9108d4e78f in __libc_start_main (/lib64/libc.so.6+0x2078f)

SUMMARY: AddressSanitizer: heap-buffer-overflow (/usr/lib/gcc/x86_64-pc-linux-gnu/6.3.0/libasan.so.3+0x4514f) 
Shadow bytes around the buggy address:
  0x0c047fff9da0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9db0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9dc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9dd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9de0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c047fff9df0: fa fa 00[04]fa fa 00 02 fa fa 00 02 fa fa 00 01
  0x0c047fff9e00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9e10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9e20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9e30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff9e40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Heap right redzone:      fb
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack partial redzone:   f4
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==29866==ABORTING

Affected version:
0.168

Fixed version:
0.169 (not released atm)

Commit fix:
https://sourceware.org/ml/elfutils-devel/2017-q1/msg00111.html

Credit:
This bug was discovered by Agostino Sarubbo of Gentoo.

CVE:
N/A

Reproducer:
https://github.com/asarubbo/poc/blob/master/00226-elfutils-heapoverflow-ebl_object_note_type_name

Timeline:
2017-03-24: bug discovered and reported to upstream
2017-04-04: blog post about the issue

Note:
This bug was found with American Fuzzy Lop.

Permalink:

    elfutils: heap-based buffer overflow in ebl_object_note_type_name (eblobjnotetypename.c)
===================================================

(open-)SUSE:
https://software.opensuse.org/package/elfutils

0.168 (TW, official repo)
0.158 (42.{1,2}, official repo)

Test-case on 42.2 (version 0.158):
===================================================
k_mikhail@linux-mk500:~> eu-readelf -a 00226-elfutils-heapoverflow-ebl_object_note_type_name 
ELF Header:
  Magic:   7f 45 4c 46 02 02 01 00 00 00 ff f3 00 02 00 3e
  Class:                             ELF64
  Data:                              2's complement, big endian
  Ident Version:                     1 (current)
  OS/ABI:                            UNIX - System V
  ABI Version:                       0
  Type:                              REL (Relocatable file)
  Machine:                           <unknown>
  Version:                           8339456 (???)
  Entry point address:               0x400000
  Start of program headers:          4096 (bytes into file)
  Start of section headers:          0 (bytes into file)
  Flags:                             
  Size of this header:               170 (bytes)
  Size of program header entries:    65535 (bytes)
  Number of program headers entries: 65535 (0 in [0].sh_info)
  Size of section header entries:    26 (bytes)
  Number of section headers entries: 89
  Section header string table index: 20549

Section Headers:
[Nr] Name                 Type         Addr             Off      Size     ES Flags Lk Inf Al
[ 0] <corrupt>            <unknown>: 33685760 00010000007f4000 00400000 00001000 -281363301707707 AXMSE  0   0 11206655
[ 1] <corrupt>            SHT_LOOS+e74005f 00000000760c0004 00000051 e574640600000000 10 OE     0 227 -1099511627776
[ 2] <corrupt>            NULL         0000000a00000252 e574640400000000 1e00000000000000 4854678368786145107 M      0 24948 8390820064477214019
[ 3] <corrupt>            <unknown>: 1129252352 0000210000004000 4000000000004000 4000000000000008 64424509443 E      0   0 169
[ 4] <corrupt>            NOTE         1e00000000000008 00000200 0000000c 4294967299 E      0   0 1835189
[ 5] <corrupt>            PREINIT_ARRAY 1e00000000000008 00000000 00000010 25769803779 ME     0   0 186
[ 6] <corrupt>            <unknown>: 248 000000e00100007f e001000000 6400f8ffff 601333172976 E     -16777212   4 601328975872
[ 7] <corrupt>            <unknown>: 37748736 0000002000000000 00000020 7f0000000019  0 WAME   0 -2147483644 -133143986176
[ 8] <corrupt>            NULL         000015220000ff80 2e32000000008010 100000011 4294115328 T     1572896 559939584  0
[ 9] <corrupt>            RELA         0000000000000000 00000000 00001b00 9007199254804481 E      4  32 6917529027641082368
[10] <corrupt>            <unknown>: 5120 0000000700000000 00000000 1d1000000 51774488576       301989888   0 17592186044416
[11] <corrupt>            <unknown>: 262148 ff80000000000000 00cc0000 12000000000000 5066549580791808 E      0   0 281324653445376
[12] <corrupt>            <unknown>: 524320 0012000000000000 00000000 00170100 1126183374946308 NE    1179648   0 17180131328
[13] <corrupt>            <unknown>: -606348325 0000000000000000 00000000 00002d56 29038424883204 OE    393178732 2032165228 7805150906565017600
[14] <corrupt>            <unknown>: -606348325 0000000000000000 7f000000 00002d56 29038424883204 OE    544173676 2032165228 7813595155866337280
[15] <corrupt>            <unknown>: 1835008 0010000000000000 72289809000003 65010000100000 246429654188032 E     1536 3584 1792
[16] <corrupt>            <unknown>: 419436800 f0fff02060000000 17050000001aff e100000000000000 5066549580791808        0   0 15532020
[17] <corrupt>            NULL         7fff000000000000 00000000 00bb0000 3735552 ASIL  1179648   0  0
[18] <corrupt>            NULL         0000000000df0000 12000000000000 00000000  0        0 8781824 34359738368
[19] <corrupt>            REL          fbffffff00000000 001d0000 00000000 103079215104 E     18   1 34359738368
[20] <corrupt>            <unknown>: 44 448b642406400000 00000000 a5000000 9007199254740992 WAXMSILNGTE 32767   0 5046272
[21] <corrupt>            NULL         000000860c400000 960c2a0000 00000000 3735552       32   0 246423748608000
[22] <corrupt>            NULL         0000000000df0000 12000000ffff00 00000000  0        0 8781824 34359738368
[23] <corrupt>            REL          fbffffff00120000 ffffff7f 00000f00 267280109797376 E      5 59904 1095216660224
[24] <corrupt>            STRTAB       0000008806400000 00000000 a5000000 9007199254741003 E     301989888   0 5046272
[25] <corrupt>            NULL         000000640c400000 960c2a0000 00000000  0       1048608   0 43012
[26] <corrupt>            <unknown>: 2048 0000000000008500 10000000200 0000c800 1152921504607240192        0 1915262985 3300229447680
[27] <corrupt>            NULL         0000000040050019 19000000000000 f0fff02060 5348024557502464 SI     0 386203648 7599824371187712
[28] <corrupt>            NULL         0000000000000000 00000000 00000000 360287970189639680 E     16384   0  0
[29] <corrupt>            <unknown>: 255 0000800000000000 00000000 00000000 1030792151040 E      0   0 1407374883553280
[30] <corrupt>            <unknown>: 127 0000000000000000 00000000 00000000  0        0   0  0
[31] <corrupt>            NULL         000000009b000000 00000000 00000000 4398046511130        0 536870912  0
[32] <corrupt>            <unknown>: -419430400 0000000000000000 00000000 00000000  0        0   0 14090240
[33] <corrupt>            NOBITS       0000000000000000 00000000 00000000 -72057594037927936        0   0 144115188092370943
[34] <corrupt>            NULL         0500000001000000 800000000000000 1800000000000000 -8645152065946910720       855638016 50331648 144115188075986944
[35] <corrupt>            NULL         0000000000000000 e4d0000002000 00000000  0 E      0   0  0
[36] <corrupt>            NULL         0000000000000000 00000000 00000000 18017697044365312        0   0 18017971922272256
[37] <corrupt>            <unknown>: -16777216 0008000000000000 00000000 00000000  0 E      0   0  0
[38] <corrupt>            NULL         0000000000000000 ff000000 00000000 8444249301319680        0 254 -72340172854788096
[39] <corrupt>            NULL         1340000000000010 1340000000000000 00000001  0 MS    6144   0 16888498602639360
[40] <corrupt>            NULL         0093000000010000 e4ff0000000000 5c00000000 8904020852736        0   0 1677721600
[41] <corrupt>            NULL         0000000000000000 80000000000 ffbf0a000000 -19697750811558400 E     -399705345 -1460226 -206109505478607
[42] <corrupt>            SHT_LOOS+1faffff 4489e24889c731c0 e85cfaffff486354 3388488b0d600f20 1000089583615 WMILNE 4753903 -1107230720 65306575447834634
[43] <corrupt>            <unknown>: 759976561 7468742c488b0d3e f2000ba00000100 be010000005a89c7 4910085682967150592 WSIOE 629752868 417908729 -43909498088974199
[44] <corrupt>            <unknown>: 568881146 95faffffbf601740 e85bfa24ffba01 174000e95d 209023563464937 SILE  -16777281 303513600 -1710528931033381632
[45] <corrupt>            <unknown>: -1074915776 000000bef1164000 e92bfeffffba0500 bea7164000e9 -215892208241362427 WXGOE -687996929 -1174077440 53621074331494855
[46] <corrupt>            NULL         0000000000000000 00000000 00310000  0        0   0  0
[47] <corrupt>            <unknown>: 4194537 00e829faffffba05 bef1164000 e92bfeffffba0500 53621074331494855 IGTE  48807 373293289 -2954924306682544128
[48] <corrupt>            <unknown>: 838842885 0000000000000000 00000000 00000000  0        0 3211264 436207616
[49] <corrupt>            NULL         0000000000000000 00000040 00000000  0        0   0  0
[50] <corrupt>            NULL         0000000000000000 05000000 00000000  0       255 -256 32768
[51] <corrupt>            NULL         0000000000050000 000000f0 00000000  0       127   0  0
[52] <corrupt>            NULL         0000000000000000 00000000 00000000 -7277816997830721536        0   0  0
[53] <corrupt>            NULL         2000000000000000 00000400 1a00000000  0       -419430400   0  0
[54] <corrupt>            NULL         0000000000000000 d7000000000000 00000000  0        8   0  0
[55] <corrupt>            NULL         0000000000000000 00000000 00000000  0        0   0  0
[56] <corrupt>            SHT_LOOS+66f6973 0020000000000000 40000000000 00000000  0 AXSIOE  0   0  0
[57] <corrupt>            NULL         007f000000000000 c00000000000000 00000000  0        0   0  0
[58] <corrupt>            NULL         0000000000000000 00090000 00000000  0        0   0  0
[59] <corrupt>            NULL         0000000000000000 01000000 00000000 1387671635198083088        0   0 8194096
[60] <corrupt>            NULL         0000000000000001 00000001 1d00009b 4736662007598565513 W      0 10224640 20405859369820160
[61] <corrupt>            GNU_HASH     0000000000000000 00000000 0000001a  0 WME    0   0  0
[62] <corrupt>            SHT_LOOS+4000000 0000000000000000 00000000 00000000  0 E      0   0  0
[63] <corrupt>            NULL         0000000000000000 00000000 00000000 216172782113783880        0  64 234187180623265856
[64] <corrupt>            HASH         0000000000000000 00000000 1000000000  0 E      0   0  0
[65] <corrupt>            NULL         0000000000000000 fffc00000000 00000000  0       65536   0 281474976710656
[66] <corrupt>            NULL         0000000000000000 01000000 00000000 1387671635198083088        0   0 8194096
[67] <corrupt>            NULL         0000000000000001 00000001 1d00009b 4736662007598565513 W      0 10224640 20405859369820160
[68] <corrupt>            GNU_HASH     0000000000000000 00000000 0000001a  0 WME    0   0  0
[69] <corrupt>            SHT_LOOS+4000000 0000000000000000 00000000 00000000  0 E      0   0  0
[70] <corrupt>            NULL         0000000000000000 00000000 00000000 216172782113783880        0  64 234187180623265856
[71] <corrupt>            HASH         0000000000000000 00000000 1000000000  0 E      0   0  0
[72] <corrupt>            NULL         000c00000000faff ffff000000000000 00000000  0 E     404643840   0  0
[73] <corrupt>            NULL         760b400000080000 860b000000000020 b4000000000000d  0 E      0 7188 1459166279268040906
[74] <corrupt>            <unknown>: 26 000000000000001a 000000a6 a6a6a6a6a6a6a6a6 -6438275382588823898 E     -1499027802 -1499027802 -6438275382588823898
[75] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[76] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[77] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[78] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823918 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[79] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[80] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[81] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[82] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[83] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[84] <corrupt>            <unknown>: -1499027802 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 a6a6a6a6a6a6a6a6 -6438275382588823898 AXSLGTE -1499027802 -1499027802 -6438275382588823898
[85] <corrupt>            <unknown>: -1499027802 0000000000000000 00000000 00000000  0 GTE    0   0 9007199254740992
[86] <corrupt>            NULL         0000000000000000 8000000000000000 00000000  0       -67108864   0 39687971716202496
[87] <corrupt>            NULL         000000080000860b 00200b40 000d0000 7776        0 471077952 13238272
[88] <corrupt>            <unknown>: 1769472 5757575757575757 5757575757575757 5757575757575757  0 WAXMINGTE 1465341783 1460142080 1703936

Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align

 Section to Segment mapping:
  Segment Sections...

Relocation section [19] '(null)' for section [ 1] '(null)' at offset 0x1d0000 contains 0 entries:
  Offset              Type                 Value               Name
eu-readelf: memory exhausted
===================================================
Comment 9 João Moreira 2019-06-12 15:32:24 UTC
SLE15: Reproduced and fixed
SLE12: Reproduced and fixed
SLE11-SP2: Reproduced and fixed (patch backported)
SLE11-SP1: Not reproduced, patch doesn't make sense in code stream
Comment 10 João Moreira 2019-06-12 15:34:27 UTC
SLE15: Reproduced and fixed
SLE12: Reproduced and fixed (patch backported)
SLE11-SP2: Reproduced and fixed (patch backported)
SLE11-SP1: Reproduced and fixed (patch backported)
Comment 11 João Moreira 2019-06-12 15:38:06 UTC
Please, ignore comment 10.

Status of this is:

SLE15: Reproduced and fixed
SLE12: Reproduced and fixed
SLE11-SP2: Reproduced and fixed (patch backported)
SLE11-SP1: Not reproduced, patch doesn't make sense in code stream
Comment 13 Swamp Workflow Management 2019-06-13 13:12:02 UTC
SUSE-SU-2019:1486-1: An update that fixes 15 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1033084,1033085,1033086,1033087,1033088,1033089,1033090,1106390,1107066,1107067,1111973,1112723,1112726,1123685,1125007
CVE References: CVE-2017-7607,CVE-2017-7608,CVE-2017-7609,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16402,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7150,CVE-2019-7665
Sources used:
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    elfutils-0.168-4.5.3
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    elfutils-0.168-4.5.3
SUSE Linux Enterprise Module for Basesystem 15 (src):    elfutils-0.168-4.5.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2019-06-20 01:13:40 UTC
openSUSE-SU-2019:1590-1: An update that fixes 15 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1033084,1033085,1033086,1033087,1033088,1033089,1033090,1106390,1107066,1107067,1111973,1112723,1112726,1123685,1125007
CVE References: CVE-2017-7607,CVE-2017-7608,CVE-2017-7609,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16402,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7150,CVE-2019-7665
Sources used:
openSUSE Leap 15.1 (src):    elfutils-0.168-lp151.4.3.1
openSUSE Leap 15.0 (src):    elfutils-0.168-lp150.3.3.1
Comment 15 Swamp Workflow Management 2019-07-03 16:13:02 UTC
SUSE-SU-2019:1733-1: An update that fixes 15 vulnerabilities is now available.

Category: security (low)
Bug References: 1030472,1030476,1033084,1033085,1033087,1033088,1033089,1033090,1106390,1107067,1111973,1112723,1112726,1123685,1125007
CVE References: CVE-2016-10254,CVE-2016-10255,CVE-2017-7607,CVE-2017-7608,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7150,CVE-2019-7665
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    elfutils-0.158-7.7.2
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    elfutils-0.158-7.7.2
SUSE Linux Enterprise Server 12-SP4 (src):    elfutils-0.158-7.7.2
SUSE Linux Enterprise Server 12-SP3 (src):    elfutils-0.158-7.7.2
SUSE Linux Enterprise Desktop 12-SP4 (src):    elfutils-0.158-7.7.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    elfutils-0.158-7.7.2
SUSE CaaS Platform 3.0 (src):    elfutils-0.158-7.7.2
OpenStack Cloud Magnum Orchestration 7 (src):    elfutils-0.158-7.7.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Marcus Meissner 2020-01-08 09:49:55 UTC
-> reassign to current maintainer
Comment 17 Marcus Meissner 2020-07-31 06:42:06 UTC
done
Comment 18 Swamp Workflow Management 2022-08-01 13:17:07 UTC
SUSE-SU-2022:2614-1: An update that fixes 19 vulnerabilities, contains one feature is now available.

Category: security (moderate)
Bug References: 1033084,1033085,1033086,1033087,1033088,1033089,1033090,1082318,1104264,1106390,1107066,1107067,1111973,1112723,1112726,1123685,1125007
CVE References: CVE-2017-7607,CVE-2017-7608,CVE-2017-7609,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16402,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7146,CVE-2019-7148,CVE-2019-7149,CVE-2019-7150,CVE-2019-7664,CVE-2019-7665
JIRA References: SLE-24501
Sources used:
openSUSE Leap 15.3 (src):    dwarves-1.22-150300.7.3.1, elfutils-0.177-150300.11.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    dwarves-1.22-150300.7.3.1, elfutils-0.177-150300.11.3.1
SUSE Linux Enterprise Micro 5.2 (src):    dwarves-1.22-150300.7.3.1, elfutils-0.177-150300.11.3.1
SUSE Linux Enterprise Micro 5.1 (src):    dwarves-1.22-150300.7.3.1, elfutils-0.177-150300.11.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2022-09-01 15:33:59 UTC
SUSE-SU-2022:2614-2: An update that fixes 19 vulnerabilities, contains one feature is now available.

Category: security (moderate)
Bug References: 1033084,1033085,1033086,1033087,1033088,1033089,1033090,1082318,1104264,1106390,1107066,1107067,1111973,1112723,1112726,1123685,1125007
CVE References: CVE-2017-7607,CVE-2017-7608,CVE-2017-7609,CVE-2017-7610,CVE-2017-7611,CVE-2017-7612,CVE-2017-7613,CVE-2018-16062,CVE-2018-16402,CVE-2018-16403,CVE-2018-18310,CVE-2018-18520,CVE-2018-18521,CVE-2019-7146,CVE-2019-7148,CVE-2019-7149,CVE-2019-7150,CVE-2019-7664,CVE-2019-7665
JIRA References: SLE-24501
Sources used:
openSUSE Leap Micro 5.2 (src):    dwarves-1.22-150300.7.3.1, elfutils-0.177-150300.11.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.