CVE-2018-17358 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Binutils
CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer12 documents8 sources
Severity
5.5MEDIUMNVD
EPSS
0.4%
top 36.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 23
Latest updateMay 13
Description
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages2 packages
🔴Vulnerability Details
3GHSA▶
GHSA-wp88-2cgw-238q: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2↗2022-05-13
OSV▶
CVE-2018-17358: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2↗2018-09-23
CVEList▶
CVE-2018-17358: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2↗2018-09-23
📋Vendor Advisories
4Debian▶
CVE-2018-17358: binutils - An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd)...↗2018
💬Community
4Bugzilla▶
CVE-2018-17358 binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c [fedora-all]↗2018-09-25
Bugzilla▶
CVE-2018-17358 mingw-binutils: binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c [fedora-all]↗2018-09-25
Bugzilla▶
CVE-2018-17358 mingw-binutils: binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c [epel-all]↗2018-09-25
Bugzilla▶
CVE-2018-17358 binutils: invalid memory access in _bfd_stab_section_find_nearest_line in syms.c↗2018-09-25