CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-18606
https://notcve.org/view.php?id=CVE-2018-18606
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Se ha descubierto un problema en la función merge_strings en merge.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Hay una desreferencia de puntero NULL en _bfd_add_merge_section al intentar fusionar secciones con grandes alineaciones. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/105754 https://security.netapp.com/advisory/ntap-20190307-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=23806 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=45a0eaf77022963d639d6d19871dbab7b79703fc https://usn.ubuntu.com/4336-1 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-18607
https://notcve.org/view.php?id=CVE-2018-18607
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Se ha descubierto un problema en elf_link_input_bfd en elflink.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Hay una desreferencia de puntero NULL en elf_link_input_bfd al emplearse para encontrar símbolos STT_TLS sin ninguna sección TLS. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/105754 https://security.netapp.com/advisory/ntap-20190307-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=23805 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=102def4da826b3d9e169741421e5e67e8731909a https://usn.ubuntu.com/4336-1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 2CVE-2018-18483
https://notcve.org/view.php?id=CVE-2018-18483
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. La función get_count en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31, permite que atacantes remotos provoquen una denegación de servicio (malloc llamado con el resultado de un cálculo que desborda un entero) o, posiblemente, otro tipo de impacto sin especificar mediante una cadena manipulada, tal y como queda demostrado por c++filt. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/105689 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602 https://sourceware.org/bugzilla/show_bug.cgi?id=23767 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18484
https://notcve.org/view.php?id=CVE-2018-18484
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. La pila se agota en las funciones demangling en C++ proporcionadas por libiberty y hay un problema de consumo de pila provocado por tramas de pila recursivas: cplus_demangle_type, d_bare_function_type y d_function_type. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/105693 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87636 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18309
https://notcve.org/view.php?id=CVE-2018-18309
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Se ha descubierto una desreferencia de dirección de memoria inválida en read_reloc en reloc.c. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/105692 https://sourceware.org/bugzilla/show_bug.cgi?id=23770 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=0930cb3021b8078b34cf216e79eb8608d017864f https://usn.ubuntu.com/4336-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •