DEBIAN-CVE-2018-18309
- Source
- https://security-tracker.debian.org/tracker/CVE-2018-18309
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2018-18309.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2018-18309
- Upstream
- Published
- 2018-10-15T02:29:00.767Z
- Modified
- 2025-11-14T03:18:39.738137Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in readreloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfdclear_contents bounds checking.
- References
Affected packages
Debian:11 / binutils
Package
- Name
- binutils
- Purl
- pkg:deb/debian/binutils?arch=source
Debian:12 / binutils
Package
- Name
- binutils
- Purl
- pkg:deb/debian/binutils?arch=source
Debian:13 / binutils
Package
- Name
- binutils
- Purl
- pkg:deb/debian/binutils?arch=source
Debian:14 / binutils
Package
- Name
- binutils
- Purl
- pkg:deb/debian/binutils?arch=source