cbcvebase.
CVE-2018-12697
published 2018-06-23

CVE-2018-12697: A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as…

high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.

Affected

7 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
debianbinutils< binutils 2.32.51.20190707-1 (bookworm)binutils 2.32.51.20190707-1 (bookworm)
gnubinutils
gnubinutils>= 0 < 2.32.51.20190707-12.32.51.20190707-1
gnubinutils>= 0 < 2.32.51.20190707-12.32.51.20190707-1
gnubinutils>= 0 < 2.32.51.20190707-12.32.51.20190707-1
gnubinutils>= 0 < 2.32.51.20190707-12.32.51.20190707-1

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH