Improper Input Validation

Affecting binutils package, versions *

medium severity

Overview

The aout_32_swap_std_reloc_out function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils before 2.31, allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file, as demonstrated by objcopy.

References

CVE: CVE-2018-14038
CWE: CWE-20
Snyk ID: SNYK-DEBIAN9-BINUTILS-340024
Disclosed: 07 Mar, 2019
Published: 07 Mar, 2019