CVE-2018-20671

Updated: 2023-11-07 19:56:53.95499

Description:

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.3
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
CentOS 6 ELS binutils 2.20 5.5 MEDIUM Released CLSA-2021:1640621287 2022-05-05 12:03:23
CloudLinux 6 ELS binutils 2.20 5.5 MEDIUM Released CLSA-2021:1639670535 2021-12-27 14:17:37
Oracle Linux 6 ELS binutils 2.20 5.5 MEDIUM Released CLSA-2021:1639670584 2021-12-16 15:55:32
Ubuntu 16.04 ELS binutils 2.26 5.5 MEDIUM Released CLSA-2021:1635459139 2021-11-02 14:03:16
Ubuntu 18.04 ELS binutils 2.30-21 5.5 MEDIUM Already Fixed 2023-10-31 14:08:30