Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-07
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.
| Products | Binutils, Vasa_provider |
| Type | Integer Overflow or Wraparound (CWE-190) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://security.netapp.com/advisory/ntap-20190221-0004/
• https://sourceware.org/bugzilla/show_bug.cgi?id=23932 • http://www.securityfocus.com/bid/106144 • https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=beab453223769279cc1cef68a1622ab8978641f7 • http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html |