Fixed
Created: Dec 19, 2018
Updated: Jan 25, 2019
Resolved Date: Jan 9, 2019
Found In Version: 8.0.0.28
Fix Version: 8.0.0.29
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
https://nvd.nist.gov/vuln/detail/CVE-2018-20002