Design/Logic Flaw

2018-07-0116:29:00

PRIOn knowledge base

www.prio-n.com

5.9 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.3%

JSON

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.

CPENameOperatorVersion
binutilseq2.30
enterprise_linux_desktopeq7.0
enterprise_linux_servereq7.0
enterprise_linux_workstationeq7.0
openshift_container_platformeq3.11