PT-2018-3924 · Gnu+5 · Gnu Binutils+5

Cornelius Aschermann

Published

2018-04-11

Updated

2021-07-21

CVE-2018-12697

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.30

Description The issue is related to a NULL pointer dereference error in the work stuff copy to from function of the cplus-dem.c component. This error can be exploited by a remote attacker to cause a denial of service. The vulnerability can occur during the execution of objdump.

Recommendations For GNU Binutils version 2.30, consider updating to a newer version that contains a fix for this issue, as the current version is affected by the NULL pointer dereference error in the work stuff copy to from function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2019-1204

ALT-PU-2019-1367

BDU:2023-03807

CESA-2019_2075

CVE-2018-12697

RHSA-2019:2075

RHSA-2019_2075

USN-4326-1

USN-4336-1

USN-4336-2

Affected Products

Alt Linux

Astra Linux

Centos

Gnu Binutils

Red Hat

Ubuntu

PT-2018-3924 · Gnu+5 · Gnu Binutils+5

CVE-2018-12697

Weakness Enumeration

Related Identifiers

Affected Products

References · 496