exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2018-10535

Status Candidate

Overview

The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy.

Related Files

Ubuntu Security Notice USN-4336-2
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4336-2 - USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2226, CVE-2016-4490, CVE-2016-6131, CVE-2017-12451, CVE-2017-12455, CVE-2017-12459, CVE-2017-14128, CVE-2017-14529, CVE-2017-14939, CVE-2017-15022, CVE-2017-15938, CVE-2017-16827, CVE-2017-17080, CVE-2017-17125, CVE-2017-7209, CVE-2017-7225, CVE-2017-7300, CVE-2017-8393, CVE-2017-8397, CVE-2017-9039, CVE-2017-9044, CVE-2017-9746, CVE-2017-9750, CVE-2017-9754, CVE-2018-1000876, CVE-2018-10535, CVE-2018-12699
SHA-256 | 1662afa72f2d87642296df471f8381898778a05e1750f09020f156f39446b6cf
Ubuntu Security Notice USN-4336-1
Posted Apr 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4336-1 - It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000876, CVE-2018-10535, CVE-2018-12699, CVE-2018-17358, CVE-2018-17985, CVE-2018-18605, CVE-2018-18701, CVE-2018-20623, CVE-2018-9138, CVE-2019-17450, CVE-2019-9073
SHA-256 | e58de14e9fe7977815258d05ebf940b3f31230553e95ef56a4f46ed3ebcaaae3
Gentoo Linux Security Advisory 201908-01
Posted Aug 3, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201908-1 - Multiple vulnerabilities have been found in Binutils, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.32-r1 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-10372, CVE-2018-10373, CVE-2018-10534, CVE-2018-10535, CVE-2018-12641, CVE-2018-12697, CVE-2018-12698, CVE-2018-12699, CVE-2018-12700, CVE-2018-13033, CVE-2018-19931, CVE-2018-19932, CVE-2018-20002, CVE-2018-20651
SHA-256 | e47ef20d77f45205b09348e695bce0bb9fb00480da6d3399ea647eae090f5707
Red Hat Security Advisory 2018-3032-01
Posted Oct 30, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-3032-01 - The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Issues addressed include denial of service and null pointer vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-10372, CVE-2018-10373, CVE-2018-10534, CVE-2018-10535, CVE-2018-13033, CVE-2018-7208, CVE-2018-7568, CVE-2018-7569, CVE-2018-7642, CVE-2018-7643, CVE-2018-8945
SHA-256 | 6a61e7e442bb7fe42b576a597775e323dc3d637e3e0e43c99bd72bd161f80495
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close