Wind River Support Network

HomeDefectsLIN9-6332

Fixed

LIN9-6332 : Security Advisory - binutils - CVE-2018-6323

Created: Jan 30, 2018 Updated: Dec 3, 2018

Resolved Date: Mar 15, 2018

Found In Version: 9.0.0.13

Fix Version: 9.0.0.15

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

https://nvd.nist.gov/vuln/detail/CVE-2018-6323

Other Downloads

Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-6323