EulerOS 2.0 SP8 : binutils (EulerOS-SA-2019-2069)
Medium Nessus Plugin ID 129428
SynopsisThe remote EulerOS host is missing a security update.
DescriptionAccording to the version of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :
- GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.(CVE-2019-1010204)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected binutils package.