CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19932 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-19932
07 Dec 2018 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils hasta la versión 2.31. Hay un desbordamiento de enteros y un bucle infinito provocados por la macro IS_CONTAINED_BY_LMA en elf.c. USN-4336-1... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18700 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18700
27 Oct 2018 — An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay una vulnerabilidad... • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18701 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18701
27 Oct 2018 — An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay una vulnerabili... • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-18605 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18605
23 Oct 2018 — A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Se ha descubierto un problema de sobrelectura de búfer basada en memoria dinámica (heap) en la función sec_merge_hash_l... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-18606 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18606
23 Oct 2018 — An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Se ha descubierto un problema en la función merge_strings en merge.c en la biblioteca Binary File Descriptor (BFD), también conocida... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-18607 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18607
23 Oct 2018 — An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. Se ha descubierto un problema en elf_link_input_bfd en elflink.c en la biblioteca Binary File Descriptor (BFD), también conocida como li... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-18483 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18483
18 Oct 2018 — The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. La función get_count en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31, permite que atacantes remotos provoquen una denegación de servicio (malloc llamado con el resultado de ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18484 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18484
18 Oct 2018 — An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. La pila se agota en las funciones demangling en C++ proporcionadas por libiberty y ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18309 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18309
15 Oct 2018 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distri... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17985 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-17985
04 Oct 2018 — An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay un problema de consumo de pila causado por la función cplus_demangle_type que hace llamadas recursivas a sí misma en determinada... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-400: Uncontrolled Resource Consumption •