CVE-2018-7569

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

References

http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html

http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html

https://access.redhat.com/errata/RHBA-2019:0327

https://access.redhat.com/errata/RHSA-2018:3032

https://security.gentoo.org/glsa/201811-17

https://sourceware.org/bugzilla/show_bug.cgi?id=22895

Details

Source: MITRE

Published: 2018-02-28

Updated: 2019-10-31

Type: CWE-190

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
151919Ubuntu 16.04 LTS : GNU binutils vulnerabilities (USN-4336-2)NessusUbuntu Local Security Checks
critical
130576openSUSE Security Update : binutils (openSUSE-2019-2432)NessusSuSE Local Security Checks
high
130420openSUSE Security Update : binutils (openSUSE-2019-2415)NessusSuSE Local Security Checks
high
130340SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2019:2780-1)NessusSuSE Local Security Checks
high
130257SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2019:2779-1)NessusSuSE Local Security Checks
high
127252NewStart CGSL CORE 5.04 / MAIN 5.04 : binutils Multiple Vulnerabilities (NS-SA-2019-0060)NessusNewStart CGSL Local Security Checks
high
124934EulerOS Virtualization 3.0.1.0 : binutils (EulerOS-SA-2019-1431)NessusHuawei Local Security Checks
high
124880EulerOS Virtualization for ARM 64 3.0.1.0 : binutils (EulerOS-SA-2019-1377)NessusHuawei Local Security Checks
high
123905EulerOS Virtualization 2.5.4 : binutils (EulerOS-SA-2019-1219)NessusHuawei Local Security Checks
medium
123342openSUSE Security Update : binutils (openSUSE-2019-808)NessusSuSE Local Security Checks
high
122166EulerOS 2.0 SP5 : binutils (EulerOS-SA-2019-1019)NessusHuawei Local Security Checks
high
121960Photon OS 2.0: Binutils PHSA-2018-2.0-0064NessusPhotonOS Local Security Checks
critical
121852Photon OS 1.0: Binutils PHSA-2018-1.0-0154NessusPhotonOS Local Security Checks
critical
121047Amazon Linux 2 : binutils (ALAS-2019-1138)NessusAmazon Linux Local Security Checks
high
120133SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2018:3170-2)NessusSuSE Local Security Checks
high
120132SUSE SLED15 / SLES15 Security Update : binutils (SUSE-SU-2018:3170-1)NessusSuSE Local Security Checks
high
119915EulerOS 2.0 SP2 : binutils (EulerOS-SA-2018-1426)NessusHuawei Local Security Checks
medium
119528EulerOS 2.0 SP3 : binutils (EulerOS-SA-2018-1400)NessusHuawei Local Security Checks
medium
119179Scientific Linux Security Update : binutils on SL7.x x86_64 (20181030)NessusScientific Linux Local Security Checks
high
119162GLSA-201811-17 : Binutils: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
118983CentOS 7 : binutils (CESA-2018:3032)NessusCentOS Local Security Checks
high
118762Oracle Linux 7 : binutils (ELSA-2018-3032)NessusOracle Linux Local Security Checks
high
118514RHEL 7 : binutils (RHSA-2018:3032)NessusRed Hat Local Security Checks
high
118337openSUSE Security Update : binutils (openSUSE-2018-1222)NessusSuSE Local Security Checks
high
118303SUSE SLES12 Security Update : binutils (SUSE-SU-2018:3207-2)NessusSuSE Local Security Checks
critical
118220openSUSE Security Update : binutils (openSUSE-2018-1198)NessusSuSE Local Security Checks
critical
118199SUSE SLED12 / SLES12 Security Update : binutils (SUSE-SU-2018:3207-1)NessusSuSE Local Security Checks
critical
111951Photon OS 2.0: Binutils / Glibc PHSA-2018-2.0-0064 (deprecated)NessusPhotonOS Local Security Checks
critical
111938Photon OS 1.0: Apache / Binutils PHSA-2018-1.0-0154 (deprecated)NessusPhotonOS Local Security Checks
critical