Fixed
Created: Dec 19, 2018
Updated: Feb 11, 2019
Resolved Date: Jan 27, 2019
Found In Version: 10.17.41.1
Fix Version: 10.17.41.14
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Userspace
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
https://nvd.nist.gov/vuln/detail/CVE-2018-20002