PT-2019-19350 · Gnu+1 · Gnu Binutils+1

Spinpx

Published

2019-02-24

Updated

2021-12-10

CVE-2019-9072

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.32

Description A problem has been discovered in the Binary File Descriptor (BFD) library, also known as libbfd, as distributed in GNU Binutils. The issue is an attempted excessive memory allocation in the setup group function in elf.c.

Recommendations For GNU Binutils version 2.32, consider updating to a newer version to mitigate the risk, as the issue is related to an attempted excessive memory allocation in the setup group function. As a temporary workaround, consider restricting access to the elf.c file or the setup group function until a patch is available.

Exploit

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

ALT-PU-2020-3352

ALT-PU-2020-3433

ALT-PU-2021-1230

CVE-2019-9072

Affected Products

Alt Linux

Gnu Binutils

PT-2019-19350 · Gnu+1 · Gnu Binutils+1

CVE-2019-9072

Weakness Enumeration

Related Identifiers

Affected Products

References · 73