CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-20002
https://notcve.org/view.php?id=CVE-2018-20002
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. La función _bfd_generic_read_minisymbols en syms.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31, tiene una fuga de memoria mediante un archivo ELF manipulado, que conduce a una denegación de servicio (consumo de memoria), tal y como queda demostrado con nm. • http://www.securityfocus.com/bid/106142 https://security.gentoo.org/glsa/201908-01 https://security.netapp.com/advisory/ntap-20190221-0004 https://sourceware.org/bugzilla/show_bug.cgi?id=23952 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9 https://support.f5.com/csp/article/K62602089 https://usn.ubuntu.com/4336-1 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-19931
https://notcve.org/view.php?id=CVE-2018-19931
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Hay un desbordamiento de búfer basado en memoria dinámica (heap) en bfd_elf32_swap_phdr_in en elfcode.h debido a que el número de cabeceras del programa no está restringido. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/106144 https://security.gentoo.org/glsa/201908-01 https://security.netapp.com/advisory/ntap-20190221-0004 https://sourceware.org/bugzilla/show_bug.cgi?id=23942 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=5f60af5d24d181371d67534fa273dd221df20c07 https://usn.ubuntu.com/4336-1 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2018-19932
https://notcve.org/view.php?id=CVE-2018-19932
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils hasta la versión 2.31. Hay un desbordamiento de enteros y un bucle infinito provocados por la macro IS_CONTAINED_BY_LMA en elf.c. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/106144 https://security.gentoo.org/glsa/201908-01 https://security.netapp.com/advisory/ntap-20190221-0004 https://sourceware.org/bugzilla/show_bug.cgi?id=23932 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=beab453223769279cc1cef68a1622ab8978641f7 https://usn.ubuntu.com/4336-1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18700
https://notcve.org/view.php?id=CVE-2018-18700
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay una vulnerabilidad de consumo de pila que resulta de una recursión infinita en las funciones d_name(), d_encoding() y d_local_name() en cp-demangle.c. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87681 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18701
https://notcve.org/view.php?id=CVE-2018-18701
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay una vulnerabilidad de consumo de pila que resulta de una recursión infinita en las funciones next_is_type_qual() y cplus_demangle_type() en cp-demangle.c. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87675 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •