Lucene search

PRIOn knowledge basePRION:CVE-2018-19932

HistoryDec 07, 2018 - 7:29 a.m.

Integer overflow

2018-12-0707:29:00

PRIOn knowledge base

www.prio-n.com

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.1%

JSON

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.

CPENameOperatorVersion
binutilsle2.31
vasa_providerge7.2

CPE	Name	Operator	Version
	binutils	le	2.31
	vasa_provider	ge	7.2

References

lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html

lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html

www.securityfocus.com/bid/106144

security.gentoo.org/glsa/201908-01

security.netapp.com/advisory/ntap-20190221-0004/

sourceware.org/bugzilla/show_bug.cgi?id=23932

sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7

usn.ubuntu.com/4336-1/