PT-2019-6394 · Gnu+4 · Gnu Binutils+4

Ren Kimura

·

Publicado

2019-06-18

·

Atualizado

2024-06-15

·

CVE-2019-14250

CVSS v2.0

7.8

Alta

VetorAV:N/AC:L/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.32
Description The issue is related to an integer overflow in the simple object elf match function of the libiberty component in simple-object-elf.c. This can lead to a heap-based buffer overflow. The exploitation of this issue allows a remote attacker to cause a denial of service.
Recommendations For GNU Binutils version 2.32, consider updating to a newer version that contains a fix for this issue, as the current version is affected by an integer overflow in the simple object elf match function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-190CWE-787

Identificadores relacionados

ALT-PU-2020-3352
ALT-PU-2020-3433
ALT-PU-2021-1230
BDU:2023-07806
CVE-2019-14250
MGASA-2020-0112
OPENSUSE-SU-2019:2364-1
OPENSUSE-SU-2019:2365-1
OPENSUSE-SU-2019_2364-1
OPENSUSE-SU-2019_2365-1
OPENSUSE-SU-2020:0716-1
OPENSUSE-SU-2020:1790-1
OPENSUSE-SU-2020:1804-1
OPENSUSE-SU-2020_0716-1
OPENSUSE-SU-2020_1790-1
OPENSUSE-SU-2020_1804-1
OPENSUSE-SU-2024:10651-1
OPENSUSE-SU-2024:10703-1
SUSE-SU-2019:2702-1
SUSE-SU-2019:3061-1
SUSE-SU-2019_2702-1
SUSE-SU-2019_3061-1
SUSE-SU-2020:0394-1
SUSE-SU-2020:3060-1
SUSE-SU-2020:3552-1
SUSE-SU-2020_0394-1
SUSE-SU-2021:3593-1
SUSE-SU-2022:2015-1
SUSE-SU-2022_2015-1
SUSE-SU-2023:3662-1
SUSE-SU-2023_3662-1
USN-4326-1
USN-4336-1
USN-4336-2

Produtos afetados

Alt Linux
Astra Linux
Gnu Binutils
Suse
Ubuntu