CVE-2018-17358
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
Se ha detectado una vulnerabilidad en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Existe un acceso a memoria no válida en _bfd_stab_section_find_nearest_line en syms.c. Los atacantes pueden aprovechar esta vulnerabilidad para provocar una denegación de servicio (cierre inesperado de la aplicación) mediante un archivo ELF manipulado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-09-23 CVE Reserved
- 2018-09-23 CVE Published
- 2023-09-17 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://seclists.org/bugtraq/2020/Jan/25 | Mailing List |
URL | Date | SRC |
---|---|---|
https://sourceware.org/bugzilla/show_bug.cgi?id=23686 | 2024-08-05 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html | 2019-10-31 | |
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html | 2019-10-31 | |
https://usn.ubuntu.com/4336-1 | 2019-10-31 |