Описание
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in malloc() with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
Отчет
This issue did not affect the versions of binutils as shipped with Red Hat Enterprise Linux 5, 6, and 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | binutils | Not affected | ||
| Red Hat Enterprise Linux 6 | binutils | Not affected | ||
| Red Hat Enterprise Linux 7 | binutils | Not affected | ||
| Red Hat Enterprise Linux 8 | binutils | Not affected |
Показывать по
Дополнительная информация
Статус:
5.3 Medium
CVSS3
Связанные уязвимости
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
In GNU Binutils 2.30, there's an integer overflow in the function load ...
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
Уязвимость функции load_specific_debug_section программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании
5.3 Medium
CVSS3