CVE-2021-33294

In elfutils 0.183, an infinite loop was found in the function handle_symtab in readelf.c .Which allows attackers to cause a denial of service (infinite loop) via crafted file.

Published: Jul 18, 2023
Updated: Jul 28, 2023
CVE: CVE-2021-33294
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWEs:

CWE-835

Affected Software
References

Software	From	Fixed in
elfutils_project / elfutils	0.183	0.183.x

https://sourceware.org/bugzilla/show_bug.cgi?id=27501
https://sourceware.org/pipermail/elfutils-devel/2021q1/003607.html

Vulnerability Database

289,697

CVE-2021-33294