Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-7569

Опубликовано: 26 фев. 2018
Источник: redhat
CVSS3: 3.3

Описание

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

An integer wraparound has been discovered in the Binary File Descriptor (BFD) library distributed in GNU Binutils up to version 2.30. An attacker could cause a crash by providing an ELF file with corrupted DWARF debug information.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5binutilsWill not fix
Red Hat Enterprise Linux 5binutils220Will not fix
Red Hat Enterprise Linux 6binutilsWill not fix
Red Hat Enterprise Linux 8binutilsNot affected
Red Hat Enterprise Linux 7binutilsFixedRHSA-2018:303230.10.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1551778binutils: integer underflow or overflow via an ELF file with a corrupt DWARF FORM block in libbfd library

3.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-7569

CVSS3: 5.5
ubuntu
больше 7 лет назад

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

nvd логотип

CVE-2018-7569

CVSS3: 5.5
nvd
больше 7 лет назад

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

debian логотип

CVE-2018-7569

CVSS3: 5.5
debian
больше 7 лет назад

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...

github логотип

GHSA-q9f4-96w8-25fw

CVSS3: 5.5
github
больше 3 лет назад

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

fstec логотип

BDU:2019-00577

CVSS3: 5.5
fstec
больше 7 лет назад

Уязвимость функции parse_die программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании

3.3 Low

CVSS3