Lucene search

Veracode Vulnerability DatabaseVERACODE:20081

HistoryMay 16, 2019 - 3:54 a.m.

Denial Of Service (DoS)

2019-05-1603:54:32

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.004 Low

EPSS

Percentile

74.4%

JSON

Binutils is vulnerable to denial of service (DoS) attacks. The vulnerability exists in the ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library because it does not validate the output_section pointer in the case of a symtab entry with a “SECTION” type that has a “0” value. An attacker could cause an application crash via a crafted file.

CPENameOperatorVersion
binutilseq2.27__28.base.el7_5.1
binutilseq2.27__27.base.el7
binutils:bioniceq2.30-15ubuntu1

Name	Operator	Version
binutils	eq	2.27__28.base.el7_5.1
binutils	eq	2.27__27.base.el7
binutils:bionic	eq	2.30-15ubuntu1

References

access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.6_release_notes/index

access.redhat.com/errata/RHSA-2018:3032

access.redhat.com/security/updates/classification/#low

bugzilla.redhat.com/show_bug.cgi?id=1439351

bugzilla.redhat.com/show_bug.cgi?id=1553842

bugzilla.redhat.com/show_bug.cgi?id=1557346

bugzilla.redhat.com/show_bug.cgi?id=1573872

0.004 Low

EPSS

Percentile

74.4%

JSON

Related for VERACODE:20081