PT-2018-3965 · Gnu+4 · Gnu Binutils+4

Dongdong She

Publicado

2018-11-20

Atualizado

2026-01-30

CVE-2018-19932

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions GNU Binutils versions through 2.31

Description An issue in the Binary File Descriptor (BFD) library, specifically in the elf.c component, is related to the IS CONTAINED BY LMA macro. This issue causes an integer overflow and an infinite loop. The exploitation of this issue can lead to a denial of service by a remote attacker.

Recommendations For GNU Binutils versions through 2.31, consider updating to a version that addresses the integer overflow and infinite loop issue caused by the IS CONTAINED BY LMA macro in elf.c. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190

Identificadores relacionados

ALT-PU-2018-2665

ALT-PU-2019-1204

ALT-PU-2019-1367

BDU:2023-07794

CLEANSTART-2026-HF39630

CVE-2018-19932

OPENSUSE-SU-2019:2415-1

OPENSUSE-SU-2019:2432-1

OPENSUSE-SU-2019_2415-1

OPENSUSE-SU-2019_2432-1

OPENSUSE-SU-2024:10651-1

SUSE-SU-2019:2650-1

SUSE-SU-2019:2779-1

SUSE-SU-2019:2780-1

USN-4336-1

USN-4336-2

Produtos afetados

Alt Linux

Astra Linux

Gnu Binutils

Suse

Ubuntu

PT-2018-3965 · Gnu+4 · Gnu Binutils+4

CVE-2018-19932

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 337