Lucene search

Veracode Vulnerability DatabaseVERACODE:20080

HistoryMay 16, 2019 - 3:54 a.m.

Denial Of Service (DoS)

2019-05-1603:54:32

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

32.8%

JSON

Binutils is vulnerable to denial of service (DoS) attacks. The vulnerability exists in the _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library. An unbounded loop in this function may result in an unwritable memory space by increasing the value of the *edd so that the address exceed its own memory region causing an application crash.

CPENameOperatorVersion
binutilseq2.27__28.base.el7_5.1
binutilseq2.27__27.base.el7
binutils:bioniceq2.30-15ubuntu1

Name	Operator	Version
binutils	eq	2.27__28.base.el7_5.1
binutils	eq	2.27__27.base.el7
binutils:bionic	eq	2.30-15ubuntu1

References

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index

access.redhat.com/errata/RHSA-2018:3032

access.redhat.com/security/updates/classification/#low

bugzilla.redhat.com/show_bug.cgi?id=1439351

bugzilla.redhat.com/show_bug.cgi?id=1553842

bugzilla.redhat.com/show_bug.cgi?id=1557346

bugzilla.redhat.com/show_bug.cgi?id=1573872

0.001 Low

EPSS

Percentile

32.8%

JSON

Related for VERACODE:20080