First published: Sat Jun 23 2018
A flaw was found in finish_stab in stabs.c in GNU Binutils 2.30 which allows attackers to cause a denial of service (heap-based buffer overflow) as demonstrated by an out-of-bounds write of 8 bytes.

References:
- https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102
- https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454
- https://sourceware.org/bugzilla/show_bug.cgi?id=23057
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.30 | |
Canonical Ubuntu Linux | =16.04.4 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.50.20241215-1 |
The vulnerability ID is CVE-2018-12699.
The severity of CVE-2018-12699 is not specified, but it can cause a denial of service (DoS) or potentially have other unspecified impacts.
CVE-2018-12699 affects GNU Binutils version 2.30.
The impact of CVE-2018-12699 is a heap-based buffer overflow, which can cause a denial of service (DoS) or other unspecified impacts.
To fix CVE-2018-12699, update GNU Binutils to version 2.32.51.20190707-1 or later.