PT-2018-3965 · Gnu+4 · Gnu Binutils+4

Dongdong She

Published

2018-11-20

Updated

2026-01-30

CVE-2018-19932

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions GNU Binutils versions through 2.31

Description An issue in the Binary File Descriptor (BFD) library, specifically in the elf.c component, is related to the IS CONTAINED BY LMA macro. This issue causes an integer overflow and an infinite loop. The exploitation of this issue can lead to a denial of service by a remote attacker.

Recommendations For GNU Binutils versions through 2.31, consider updating to a version that addresses the integer overflow and infinite loop issue caused by the IS CONTAINED BY LMA macro in elf.c. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2018-2665

ALT-PU-2019-1204

ALT-PU-2019-1367

BDU:2023-07794

CLEANSTART-2026-HF39630

CVE-2018-19932

OPENSUSE-SU-2019:2415-1

OPENSUSE-SU-2019:2432-1

OPENSUSE-SU-2019_2415-1

OPENSUSE-SU-2019_2432-1

OPENSUSE-SU-2024:10651-1

SUSE-SU-2019:2650-1

SUSE-SU-2019:2779-1

SUSE-SU-2019:2780-1

USN-4336-1

USN-4336-2

Affected Products

Alt Linux

Astra Linux

Gnu Binutils

Suse

Ubuntu

PT-2018-3965 · Gnu+4 · Gnu Binutils+4

CVE-2018-19932

Weakness Enumeration

Related Identifiers

Affected Products

References · 337