Updated: 2024-11-23 03:13:08.675318
Description:
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | MEDIUM | 6.8 |
| CVSS Version 3.x | HIGH | 7.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| CentOS 6 ELS | binutils | 2.20 | 7.8 | HIGH | Released | CLSA-2021:1638803819 | 2022-05-05 12:02:53 | |
| CloudLinux 6 ELS | binutils | 2.20 | 7.8 | HIGH | Released | 2021-12-06 11:56:08 | ||
| Oracle Linux 6 ELS | binutils | 2.20 | 7.8 | HIGH | Released | CLSA-2021:1637770725 | 2021-11-24 13:55:57 | |
| Ubuntu 16.04 ELS | binutils | 2.26 | 7.8 | HIGH | Released | CLSA-2021:1635459139 | 2021-11-02 21:02:48 |