Home CVE Database CVE-2018-10535

CVE-2018-10535

Description

The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a SECTION type that has a 0 value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy.

Priority: MEDIUM
CVSS v3: 5.5
Publish Date: Apr 29, 2018
Related ID: --
CVSS v2: MEDIUM
Modified Date: Apr 29, 2018

Find out more about CVE-2018-10535 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

binutils

Live chat
Online