Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-12699

Опубликовано: 11 апр. 2018
Источник: redhat
CVSS3: 0
EPSS Низкий

Описание

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.

Отчет

This is a vulnerability affecting binutils, a suite of tools for managing binaries on a linux system; as these tools are used by developers in compilation and debugging, the expected use case is a local user examining object files on a local filesystem, or using ssh to log in. Because of differences in how upstream sources and other vendors provide these utilities, other sources might report the impact of this flaw differently. However, while it is possible for specifically-crafted input to crash binutils via this flaw, Red Hat does not assess that it represents a significant security impact.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5binutilsWill not fix
Red Hat Enterprise Linux 5binutils220Will not fix
Red Hat Enterprise Linux 6binutilsWill not fix
Red Hat Enterprise Linux 7binutilsWill not fix
Red Hat Enterprise Linux 8mingw-binutilsWill not fix
Red Hat Enterprise Linux 8binutilsFixedRHSA-2024:968914.11.2024
Red Hat Enterprise Linux 8binutilsFixedRHSA-2024:968914.11.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1595427binutils: heap-based buffer overflow in finish_stab in stabs.c

EPSS

Процентиль: 66%
0.00531
Низкий

0 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-12699

CVSS3: 9.8
ubuntu
почти 7 лет назад

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.

nvd логотип

CVE-2018-12699

CVSS3: 9.8
nvd
почти 7 лет назад

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.

debian логотип

CVE-2018-12699

CVSS3: 9.8
debian
почти 7 лет назад

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause ...

rocky логотип

RLSA-2024:9689

rocky
7 месяцев назад

Low: binutils security update

github логотип

GHSA-r4rx-vwmc-mj74

CVSS3: 9.8
github
около 3 лет назад

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.

EPSS

Процентиль: 66%
0.00531
Низкий

0 Low

CVSS3