An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
2018-12-07T07:29:00.253
2024-11-21T03:58:49.940
Modified
CVSSv3.1: 7.8 (HIGH)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | gnu | binutils | ≤ 2.31 | Yes |
Application | netapp | vasa_provider | ≥ 7.2 | Yes |
Operating System | canonical | ubuntu_linux | 18.04 | Yes |