INFSA-2024:9689: binutils security update

Information about definition

Identifier: INFSA-2024:9689

Type: security

Release date: 2024-12-13 11:30:10 UTC

Information about package

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities.

Vulnerabilities description

  • CVE-2018-12699

    finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.

Severity level

Score CVSS 2.0: no information
Score CVSS 3.x: 0
Score CVSS 4.0: no information
Critical, important, moderate, low

Updated packages