Описание
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 2.29.1-1ubuntu1 |
| bionic | not-affected | 2.29.1-1ubuntu1 |
| cosmic | not-affected | 2.29.1-1ubuntu1 |
| devel | not-affected | 2.29.1-1ubuntu1 |
| disco | not-affected | 2.29.1-1ubuntu1 |
| eoan | not-affected | 2.29.1-1ubuntu1 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | 2.29.1-1ubuntu1 |
| esm-infra/xenial | not-affected | code not present |
| precise/esm | not-affected | code not present |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
The *_get_synthetic_symtab functions in the Binary File Descriptor (BF ...
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.
Уязвимость компонентов elf32-i386.c, elf64-x86-64.c программного средства разработки GNU Binutils, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3