Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-15020

Опубликовано: 25 сент. 2017
Источник: redhat
CVSS3: 3.3

Описание

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5binutilsWill not fix
Red Hat Enterprise Linux 5binutils220Will not fix
Red Hat Enterprise Linux 6binutilsWill not fix
Red Hat Enterprise Linux 7binutilsWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1500372binutils: Heap-based buffer overflow in parse_die

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-15020

CVSS3: 7.8
ubuntu
больше 8 лет назад

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.

nvd логотип

CVE-2017-15020

CVSS3: 7.8
nvd
больше 8 лет назад

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.

debian логотип

CVE-2017-15020

CVSS3: 7.8
debian
больше 8 лет назад

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...

github логотип

GHSA-vhq5-x52q-wx75

CVSS3: 7.8
github
больше 3 лет назад

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.

fstec логотип

BDU:2023-07759

CVSS3: 8.8
fstec
больше 8 лет назад

Уязвимость компонента dwarf1.c программного средства разработки GNU Binutils, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

3.3 Low

CVSS3

Уязвимость CVE-2017-15020