The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
2014-12-09T23:59:00.083
2025-04-12T10:46:40.837
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | gnu | binutils | ≤ 2.24 | Yes |
Operating System | fedoraproject | fedora | 19 | Yes |
Operating System | fedoraproject | fedora | 20 | Yes |
Operating System | fedoraproject | fedora | 21 | Yes |
Operating System | canonical | ubuntu_linux | 10.04 | Yes |
Operating System | canonical | ubuntu_linux | 12.04 | Yes |
Operating System | canonical | ubuntu_linux | 14.04 | Yes |
Operating System | canonical | ubuntu_linux | 14.10 | Yes |