Elfutils

This hub aggregates every CVE we track for Elfutils, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Elfutils.

• CVE-2025-1377GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service3.3Feb 17, 2025
• CVE-2025-1376GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service2.5Feb 17, 2025
• CVE-2025-1372GNU elfutils eu-readelf readelf.c print_string_section buffer overflow5.3Feb 17, 2025
• CVE-2025-1371GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereference3.3Feb 17, 2025
• CVE-2025-1365GNU elfutils eu-readelf readelf.c process_symtab buffer overflow5.3Feb 16, 2025
• CVE-2025-1352GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption5.0Feb 16, 2025
• CVE-2024-25260elfutils v0.189 was discovered to contain a NULL pointer dereference via the handle_verdef() function at readelf.c.4.0Feb 20, 2024
• CVE-2020-21047The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787...5.5Aug 22, 2023
• CVE-2021-33294In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.5.5Jul 18, 2023
• CVE-2019-7665In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of...5.5Feb 9, 2019
• CVE-2019-7664In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to deni...5.5Feb 9, 2019
• CVE-2019-7146In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl. Remote attackers could leverage this vulnerability to cause a denial-of-service via a craft...5.5Jan 29, 2019
• CVE-2019-7150An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn d...5.5Jan 29, 2019
• CVE-2019-7149A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175. A crafted input can cause segmentation faults, leading to denial-of-ser...6.5Jan 29, 2019
• CVE-2019-7148An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a den...6.5Jan 29, 2019