Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2019:2075
HistoryAug 30, 2019 - 2:35 a.m.

binutils security update

2019-08-3002:35:38
CentOS Project
lists.centos.org
170

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.005

Percentile

77.0%

JSON

CentOS Errata and Security Advisory CESA-2019:2075

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

Security Fix(es):

  • binutils: integer overflow leads to heap-based buffer overflow in objdump (CVE-2018-1000876)

  • binutils: Stack Exhaustion in the demangling functions provided by libiberty (CVE-2018-12641)

  • binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c. (CVE-2018-12697)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2019-August/032088.html

Affected packages:
binutils
binutils-devel

Upstream details at:
https://access.redhat.com/errata/RHSA-2019:2075

Related

nessus 41
amazon 1
oraclelinux 1
redhat 1
nvd 3
cve 3
f5 3
veracode 3
ubuntucve 9
redhatcve 3
openvas 20
ibm 6
osv 5
debiancve 2
prion 3
cvelist 3
gentoo 1
cloudlinux 4
ubuntu 3
photon 6
cloudfoundry 1
suse 2
nessus
nessus
NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Multiple Vulnerabilities (NS-SA-2019-0187)
2019-10-15 00:00:00
Amazon Linux 2 : binutils (ALAS-2019-1358)
2019-11-15 00:00:00
Oracle Linux 7 : binutils (ELSA-2019-2075)
2023-09-05 00:00:00
amazon
amazon
Medium: binutils
2019-11-11 17:35:00
oraclelinux
oraclelinux
binutils security and bug fix update
2019-08-13 00:00:00
redhat
redhat
(RHSA-2019:2075) Moderate: binutils security and bug fix update
2019-08-06 07:58:08
nvd
nvd
CVE-2018-12697
2018-06-23 23:29:00
CVE-2018-1000876
2018-12-20 17:29:01
CVE-2018-12641
2018-06-22 12:29:00
cve
cve
CVE-2018-12697
2018-06-23 23:29:00
CVE-2018-1000876
2018-12-20 17:29:01
CVE-2018-12641
2018-06-22 12:29:00
f5
f5
K43871899 : binutils vulnerability CVE-2018-1000876
2022-08-05 00:00:00
K92254835 : Binutils vulnerability CVE-2018-12641
2022-08-05 00:00:00
K01152385 : Binutils vulnerabilities CVE-2018-8945, CVE-2018-12697, CVE-2018-12698, CVE-2018-12699, and CVE-2018-12700
2018-07-23 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-08-08 00:07:17
Denial Of Service (Dos)
2019-08-08 00:07:18
Denial Of Service (Dos)
2019-08-08 00:07:18
ubuntucve
ubuntucve
CVE-2018-1000876
2018-12-20 00:00:00
CVE-2018-12697
2018-06-23 00:00:00
CVE-2018-12641
2018-06-22 00:00:00
redhatcve
redhatcve
CVE-2018-1000876
2020-01-06 09:47:33
CVE-2018-12641
2020-03-23 07:58:52
CVE-2018-12697
2019-10-10 05:49:06
openvas
openvas
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1089)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1231)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1790)
2020-01-23 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in Red Hat® Enterprise Linux (RHEL) Server shipped with PurePower Integrated Manager (PPIM)
2019-12-20 08:47:33
Security Bulletin: Multiple Vulnerabilities in GNU binutils affects IBM Watson Studio Local
2019-12-20 14:31:33
Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Platform Software clients.
2020-07-23 09:47:08
osv
osv
CVE-2018-1000876
2018-12-20 17:29:01
CVE-2018-12697
2018-06-23 23:29:00
CVE-2018-12641
2018-06-22 12:29:00
debiancve
debiancve
CVE-2018-1000876
2018-12-20 17:29:01
CVE-2018-12697
2018-06-23 23:29:00
prion
prion
Null pointer dereference
2018-06-23 23:29:00
Integer overflow
2018-12-20 17:29:00
Stack overflow
2018-06-22 12:29:00
cvelist
cvelist
CVE-2018-1000876
2018-12-20 17:00:00
CVE-2018-12697
2018-06-23 22:00:00
CVE-2018-12641
2018-06-22 12:00:00
gentoo
gentoo
Binutils: Multiple vulnerabilities
2019-08-03 00:00:00
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-45078, CVE-2018-9138, CVE-2018-17985, CVE-2018-12641, CVE-2018-12699, CVE-2018-12698, CVE-2018-12697, CVE-2018-12700, CVE-2018-18484, CVE-2018-18701, CVE-2018-12934, CVE-2018-18700, CVE-2018-17794, CVE-2018-18483
2021-12-29 15:09:05
Fix of 14 CVEs
2022-01-11 12:27:33
Fix of CVE: CVE-2018-18605, CVE-2019-12972, CVE-2016-4490, CVE-2018-6543, CVE-2018-19931, CVE-2018-10535, CVE-2019-17450, CVE-2018-7643, CVE-2016-4487, CVE-2016-4492, CVE-2018-20002, CVE-2018-1000876, CVE-2019-9073, CVE-2019-9075, CVE-2018-20671, CVE-2016-4488, CVE-2018-7568, CVE-2018-7642, CVE-2018-10373, CVE-2018-6323, CVE-2016-2226, CVE-2016-4493, CVE-2018-19932, CVE-2018-6759, CVE-2019-9077, CVE-2018-18607, CVE-2018-8945, CVE-2018-7208, CVE-2016-6131, CVE-2018-13033, CVE-2018-20623, CVE-2019-14444, CVE-2018-18309, CVE-2018-18606, CVE-2018-7569, CVE-2016-4489
2021-12-16 16:02:14
ubuntu
ubuntu
libiberty vulnerabilities
2020-04-08 00:00:00
GNU binutils vulnerabilities
2020-04-22 00:00:00
GNU binutils vulnerabilities
2021-07-21 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0134
2019-02-25 00:00:00
Important Photon OS Security Update - PHSA-2019-0134
2019-02-25 00:00:00
Critical Photon OS Security Update - PHSA-2019-0209
2019-02-20 00:00:00
cloudfoundry
cloudfoundry
USN-4336-1: GNU binutils vulnerabilities | Cloud Foundry
2020-05-14 00:00:00
suse
suse
Security update for binutils (moderate)
2019-10-30 00:00:00
Security update for binutils (moderate)
2019-11-05 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.005

Percentile

77.0%

JSON
Related for CESA-2019:2075
nessus41amazon1oraclelinux1redhat1nvd3cve3f53veracode3ubuntucve9redhatcve3openvas20ibm6osv5debiancve2prion3cvelist3gentoo1cloudlinux4ubuntu3photon6cloudfoundry1suse2