Wind River Support Network

HomeDefectsLIN8-10004

Fixed

LIN8-10004 : Security Advisory - binutils - CVE-2018-18309

Created: Oct 31, 2018 Updated: Jan 14, 2019

Resolved Date: Nov 26, 2018

Found In Version: 8.0.0.28

Fix Version: 8.0.0.28

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking.

https://nvd.nist.gov/vuln/detail/CVE-2018-18309

Other Downloads

Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2018-18309