Fixed
Created: May 1, 2018
Updated: Mar 8, 2020
Resolved Date: Mar 12, 2019
Found In Version: 6.0.0.36
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.
https://nvd.nist.gov/vuln/detail/CVE-2018-10373