Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-18483

Опубликовано: 18 окт. 2018
Источник: debian
EPSS Низкий

Описание

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binutilsfixed2.32.51.20190707-1package

Примечания

  • https://sourceware.org/bugzilla/show_bug.cgi?id=23767

  • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602

  • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=83472

  • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79111

  • binutils not covered by security support

  • same fix than CVE-2018-12934

  • https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1910070b298052d7ca8e4024891465824588c1e9 (binutils-2_32)

EPSS

Процентиль: 48%
0.00252
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2018-18483

CVSS3: 7.8
ubuntu
больше 7 лет назад

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

redhat логотип

CVE-2018-18483

CVSS3: 5.5
redhat
около 9 лет назад

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

nvd логотип

CVE-2018-18483

CVSS3: 7.8
nvd
больше 7 лет назад

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

github логотип

GHSA-92pq-82vg-3v28

CVSS3: 7.8
github
больше 3 лет назад

The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.

fstec логотип

BDU:2020-01726

CVSS3: 6.1
fstec
больше 7 лет назад

Уязвимость функции get_count программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 48%
0.00252
Низкий