Test ID:	1.3.6.1.4.1.25623.1.1.10.2018.0027
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2018-0027)
Summary:	The remote host is missing an update for the 'elfutils' package(s) announced via the MGASA-2018-0027 advisory.
Description:	Summary: The remote host is missing an update for the 'elfutils' package(s) announced via the MGASA-2018-0027 advisory. Vulnerability Insight: The elfutils package has been updated to version 0.169 to fix several bugs that can lead to memory allocation failures or heap overflows (CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613). Affected Software/OS: 'elfutils' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-10254 https://security.gentoo.org/glsa/201710-10 https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-allocate_elf-common-h/ https://lists.fedorahosted.org/archives/list/elfutils-devel@lists.fedorahosted.org/message/EJWVY7TMRDEMWPAPNVU3V4MZYG5HANF2/ http://www.openwall.com/lists/oss-security/2017/03/22/2 https://usn.ubuntu.com/3670-1/ Common Vulnerability Exposure (CVE) ID: CVE-2016-10255 https://blogs.gentoo.org/ago/2016/11/04/elfutils-memory-allocation-failure-in-__libelf_set_rawdata_wrlock-elf_getdata-c/ https://lists.fedorahosted.org/archives/list/elfutils-devel@lists.fedorahosted.org/thread/Q4LE47FPEVRZANMV6JE2NMHYO4H5MHGJ/ http://www.openwall.com/lists/oss-security/2017/03/22/1 Common Vulnerability Exposure (CVE) ID: CVE-2017-7607 BugTraq ID: 98608 http://www.securityfocus.com/bid/98608 https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-handle_gnu_hash-readelf-c SuSE Security Announcement: openSUSE-SU-2019:1590 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html Common Vulnerability Exposure (CVE) ID: CVE-2017-7608 BugTraq ID: 98609 http://www.securityfocus.com/bid/98609 https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c https://lists.debian.org/debian-lts-announce/2019/02/msg00036.html Common Vulnerability Exposure (CVE) ID: CVE-2017-7609 https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c Common Vulnerability Exposure (CVE) ID: CVE-2017-7610 https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c Common Vulnerability Exposure (CVE) ID: CVE-2017-7611 https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c Common Vulnerability Exposure (CVE) ID: CVE-2017-7612 https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c Common Vulnerability Exposure (CVE) ID: CVE-2017-7613 https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.