First published: Thu Jun 28 2018(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.30 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.50.20241215-1 2.43.50.20241221-1 |
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=1910070b298052d7ca8e4024891465824588c1e9
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=236f4ebe3ac7e8f94184fdcc39c70d74cc62b82a
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-12934 is a vulnerability in GNU libiberty, as distributed in GNU Binutils 2.30, that allows attackers to trigger excessive memory consumption.
CVE-2018-12934 can be exploited by executing cxxfilt.
CVE-2018-12934 affects GNU Binutils versions 2.30-21ubuntu1~18.04.3 and earlier, as well as libiberty versions 20170913-1ubuntu0.1 and earlier.
Yes, there are fixes available for CVE-2018-12934. For GNU Binutils, version 2.30-21ubuntu1~18.04.3 or later should be installed. For libiberty, version 20170913-1ubuntu0.1 or later should be installed.
More information about CVE-2018-12934 can be found at the following sources: [1] https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101 [2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453 [3] https://sourceware.org/bugzilla/show_bug.cgi?id=23059