The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
Base Score: 7.5
Impact Score: 6.4
Exploitability Score: 10
Base Score: 9.8
Impact Score: 5.9
Exploitability Score: 3.9
|151919||Ubuntu 16.04 LTS : GNU binutils vulnerabilities (USN-4336-2)||Nessus||Ubuntu Local Security Checks|
|135966||Ubuntu 18.04 LTS : GNU binutils vulnerabilities (USN-4336-1)||Nessus||Ubuntu Local Security Checks|
|128943||EulerOS Virtualization for ARM 64 18.104.22.168 : binutils (EulerOS-SA-2019-1940)||Nessus||Huawei Local Security Checks|
|127559||GLSA-201908-01 : Binutils: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|