Bugzilla – Bug 1125008
VUL-1: CVE-2019-7664: elfutils: negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h
Last modified: 2020-10-21 09:22:37 UTC
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in
libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input
causes a segmentation fault, leading to denial of service (program crash).
Even though the code in all versions we ship is different, I believe all codestreams are affected by looking at the upstream change:
Created attachment 796583
$ eu-elflint -d POC
Segmentation fault (core dumped)
Reproducer does not work with version 0.168 of elfutils.
I wasn't able to reproduce the bug in any of the code streams.
SLE15: Not reproduced
SLE12: Not reproduced
SLE11-SP2: Not reproduced
SLE11-SP1: Not reproduced
-> reassign to current maintainer
-> closing as not for us
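The bug class named in the CVE description above (a size check that integer overflow can defeat, leaving a negative or wrapped length for memcpy), shown for the ELF note layout as an added example; it is not elfutils code and not part of this bug report. The names `note_hdr`, `note_fits_weak` and `note_len_checked` are hypothetical, and the sample headers are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* ELF note header: three 32-bit words, followed by the name and the
   descriptor, each padded to a 4-byte boundary. */
typedef struct { uint32_t namesz, descsz, type; } note_hdr;

#define ALIGN4(x) (((size_t)(x) + 3u) & ~(size_t)3u)

/* Weak check (hypothetical): the sum is computed in 32 bits, so a huge
   namesz wraps to a small total and passes. A later "len - namesz"
   would then be negative or wrapped when handed to memcpy. */
static int note_fits_weak(const note_hdr *h, uint32_t len)
{
    uint32_t total = (uint32_t)sizeof(note_hdr) + h->namesz + h->descsz;
    return total <= len;
}

/* Hardened check: compare every untrusted size against the bytes that
   remain before using it. Returns the padded note length, 0 if invalid. */
static size_t note_len_checked(const note_hdr *h, size_t len)
{
    if (len < sizeof(note_hdr)) return 0;
    size_t rem = len - sizeof(note_hdr);
    if (h->namesz > rem || ALIGN4(h->namesz) > rem) return 0;
    rem -= ALIGN4(h->namesz);
    if (h->descsz > rem || ALIGN4(h->descsz) > rem) return 0;
    rem -= ALIGN4(h->descsz);
    return len - rem;
}

int main(void)
{
    /* Constructed sample headers, not taken from the attached reproducer. */
    note_hdr good = { 4, 4, 1 };            /* 12 + 4 + 4 = 20 bytes */
    note_hdr bad  = { 0xFFFFFFF8u, 0, 1 };  /* 12 + 0xFFFFFFF8 wraps to 4 */
    printf("good: weak=%d checked=%zu\n",
           note_fits_weak(&good, 32), note_len_checked(&good, 32));
    printf("bad:  weak=%d checked=%zu\n",
           note_fits_weak(&bad, 32), note_len_checked(&bad, 32));
    return 0;
}
```

The hardened version never adds two untrusted values before comparing; each size is tested against the remaining byte count, so no intermediate result can wrap.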