CVE-2018-20671

Опубликовано: 04 янв. 2019

Источник: debian

Описание

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
binutils	fixed	2.32.51.20190707-1		package

Примечания

https://sourceware.org/bugzilla/show_bug.cgi?id=24005
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=11fa9f134fd658075c6f74499c780df045d9e9ca
binutils not covered by security support

Связанные уязвимости

CVE-2018-20671

CVSS3: 5.5

ubuntu

около 7 лет назад

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

CVE-2018-20671

CVSS3: 5.3

redhat

около 7 лет назад

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

CVE-2018-20671

CVSS3: 5.5

nvd

около 7 лет назад

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

GHSA-crr7-7j5m-9cvf

CVSS3: 5.5

github

больше 3 лет назад

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

BDU:2019-01241

CVSS3: 5.5

fstec

около 7 лет назад

Уязвимость функции load_specific_debug_section в GNU Binutils, связанная с целочисленным переполнением, позволяющая нарушителю вызвать отказ в обслуживании