Описание
There's a flaw in the BFD library of binutils. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.
Отчет
Red Hat Product Security does not consider this to be a vulnerability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | binutils | Out of support scope | ||
| Red Hat Enterprise Linux 7 | binutils | Out of support scope | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-10-binutils | Will not fix | ||
| Red Hat Enterprise Linux 8 | gcc-toolset-9-binutils | Affected | ||
| Red Hat Enterprise Linux 9 | binutils | Not affected | ||
| Red Hat Enterprise Linux 8 | binutils | Fixed | RHSA-2021:4364 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | binutils | Fixed | RHSA-2021:4364 | 09.11.2021 |
Показывать по
Дополнительная информация
0 Low
CVSS3
Связанные уязвимости
Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt
Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt
There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.
Уязвимость функции read_section() компонента dwarf2.c программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании
0 Low
CVSS3