CVE-2018-6323

Source
https://nvd.nist.gov/vuln/detail/CVE-2018-6323
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-6323.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-6323
Related
Published
2018-01-26T08:29:00Z
Modified
2024-12-26T00:51:51.354519Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The elfobjectp function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfdsizetype multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

References

Affected packages

Debian:11 / binutils

Package

Name
binutils
Purl
pkg:deb/debian/binutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.30-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / binutils

Package

Name
binutils
Purl
pkg:deb/debian/binutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.30-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / binutils

Package

Name
binutils
Purl
pkg:deb/debian/binutils?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.30-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / sourceware.org/git/binutils-gdb.git

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/binutils-gdb.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
90276f15379d380761fc499da2ba24cfb3c12a94

Affected versions

Other

binu_ss_19990502
binutils-2_29
binutils-2_29_1
gdb-4_18-branchpoint
gdb_5_2-branchpoint
gdb_5_3-branchpoint
gdb_6_0-branchpoint
gdb_6_1-branchpoint
gdb_6_2-branchpoint
gdb_6_3-branchpoint
gdb_6_4-branchpoint
gdb_6_5-branchpoint
gdb_6_6-branchpoint
gdb_6_7-branchpoint
gdb_6_8-branchpoint
gdb_7_0-branchpoint
gdb_7_1-branchpoint
gdb_7_2-branchpoint
gdb_7_3-branchpoint
gdb_7_4-branchpoint
gdb_7_5-branchpoint
gdb_7_6-branchpoint
readline_4_0
users/ARM/embedded-binutils-master-2016q4

gdb-7.*

gdb-7.10-branchpoint
gdb-7.11-branchpoint
gdb-7.12-branchpoint
gdb-7.7-branchpoint
gdb-7.8-branchpoint
gdb-7.9-branchpoint

gdb-8.*

gdb-8.0-branchpoint