GNU binutils is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVE by upgrading GNU binutils to latest version 2.35.
CVEID:CVE-2019-14444
**DESCRIPTION:**GNU Binutils is vulnerable to a denial of service, caused by an integer overflow in the byte_put_little_endian function in elfcomm.cc in the Binary File Descriptor (BFD) library. By persuading a victim to open a specially-crafted ELF file, a remote attacker could cause a denial of service.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/164817 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
Affected Product(s) | Version(s) |
---|---|
IBM Netezza Analytics | 3.3.7 and lower |
Product | VRMF | Remediation/First Fix |
---|---|---|
IBM Netezza Analytics | 3.3.8 | Link to Fix Central |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm puredata system | eq | any |