CVE-2018-16402: elfutils: Double-free due to double decompression of sections in crafted ELF causes crash

Severity: Critical

CVSS Score: 9.8

libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.