Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-17359

Опубликовано: 23 сент. 2018
Источник: debian
EPSS Низкий

Описание

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binutilsfixed2.31.51.20181022-1experimentalpackage
binutilsfixed2.32.51.20190707-1package

Примечания

  • https://sourceware.org/bugzilla/show_bug.cgi?id=23686

  • https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=30838132997e6a3cfe3ec11c58b32b22f6f6b102

  • binutils not covered by security support

EPSS

Процентиль: 54%
0.00314
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-17359

CVSS3: 5.5
ubuntu
больше 7 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

redhat логотип

CVE-2018-17359

redhat
больше 7 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

nvd логотип

CVE-2018-17359

CVSS3: 5.5
nvd
больше 7 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

github логотип

GHSA-6xc7-v897-2j4f

CVSS3: 5.5
github
больше 3 лет назад

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

fstec логотип

BDU:2023-07787

CVSS3: 6.5
fstec
больше 7 лет назад

Уязвимость функции bfd_zalloc компонента opncls.c программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 54%
0.00314
Низкий