Fixed
Created: Jul 15, 2018
Updated: Mar 8, 2020
Resolved Date: Mar 12, 2019
Found In Version: 6.0.0.37
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.
https://nvd.nist.gov/vuln/detail/CVE-2018-13033
