Test ID:	1.3.6.1.4.1.25623.1.1.12.2023.6322.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-6322-1)
Summary:	The remote host is missing an update for the 'elfutils' package(s) announced via the USN-6322-1 advisory.
Description:	Summary: The remote host is missing an update for the 'elfutils' package(s) announced via the USN-6322-1 advisory. Vulnerability Insight: It was discovered that elfutils incorrectly handled certain malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-16062, CVE-2018-16403, CVE-2018-18310, CVE-2018-18520, CVE-2018-18521, CVE-2019-7149, CVE-2019-7150, CVE-2019-7665) It was discovered that elfutils incorrectly handled bounds checks in certain functions when processing malformed files. If a user or automated system were tricked into processing a specially crafted file, elfutils could be made to crash or consume resources, resulting in a denial of service. (CVE-2020-21047, CVE-2021-33294) Affected Software/OS: 'elfutils' package(s) on Ubuntu 14.04, Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-16062 https://sourceware.org/bugzilla/show_bug.cgi?id=23541 https://sourceware.org/git/?p=elfutils.git;a=commit;h=29e31978ba51c1051743a503ee325b5ebc03d7e9 https://lists.debian.org/debian-lts-announce/2019/02/msg00036.html https://lists.debian.org/debian-lts-announce/2021/10/msg00030.html RedHat Security Advisories: RHSA-2019:2197 https://access.redhat.com/errata/RHSA-2019:2197 SuSE Security Announcement: openSUSE-SU-2019:1590 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00052.html https://usn.ubuntu.com/4012-1/ Common Vulnerability Exposure (CVE) ID: CVE-2018-16403 https://sourceware.org/bugzilla/show_bug.cgi?id=23529 https://sourceware.org/git/?p=elfutils.git;a=commit;h=6983e59b727458a6c64d9659c85f08218bc4fcda Common Vulnerability Exposure (CVE) ID: CVE-2018-18310 https://sourceware.org/bugzilla/show_bug.cgi?id=23752 https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html Common Vulnerability Exposure (CVE) ID: CVE-2018-18520 https://sourceware.org/bugzilla/show_bug.cgi?id=23787 https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html Common Vulnerability Exposure (CVE) ID: CVE-2018-18521 https://sourceware.org/bugzilla/show_bug.cgi?id=23786 https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html Common Vulnerability Exposure (CVE) ID: CVE-2019-7149 https://sourceware.org/bugzilla/show_bug.cgi?id=24102 https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html RedHat Security Advisories: RHSA-2019:3575 https://access.redhat.com/errata/RHSA-2019:3575 Common Vulnerability Exposure (CVE) ID: CVE-2019-7150 https://sourceware.org/bugzilla/show_bug.cgi?id=24103 https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html Common Vulnerability Exposure (CVE) ID: CVE-2019-7665 https://sourceware.org/bugzilla/show_bug.cgi?id=24089 https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html Common Vulnerability Exposure (CVE) ID: CVE-2020-21047 https://sourceware.org/bugzilla/show_bug.cgi?id=25068 https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=99dc63b10b3878616b85df2dfd2e4e7103e414b8 https://lists.debian.org/debian-lts-announce/2023/09/msg00026.html Common Vulnerability Exposure (CVE) ID: CVE-2021-33294 https://sourceware.org/bugzilla/show_bug.cgi?id=27501 https://sourceware.org/pipermail/elfutils-devel/2021q1/003607.html
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.