First published: Sun Jul 01 2018
A flaw was found in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, that allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. This can occur during execution of nm. References: https://sourceware.org/bugzilla/show_bug.cgi?id=23361
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.30 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Redhat Openshift Container Platform | =3.11 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.1-5 |
CVE-2018-13033 is a vulnerability in the Binary File Descriptor (BFD) library, as distributed in GNU Binutils 2.30.
CVE-2018-13033 allows remote attackers to cause a denial of service (excessive memory allocation and application crash) by exploiting a crafted ELF file.
GNU Binutils versions 2.26.1-1ubuntu1~16.04.8+ to 2.41-5 are affected by CVE-2018-13033.
To mitigate CVE-2018-13033, update your GNU Binutils software to versions that include the fix: 2.26.1-1ubuntu1~16.04.8+, 2.30-21ubuntu1~18.04.3, 2.30.90.20180627-1, or any version after 2.41-5.
You can find more information about CVE-2018-13033 at the following references: [Sourceware Bugzilla](https://sourceware.org/bugzilla/show_bug.cgi?id=23361), [SecurityFocus](http://www.securityfocus.com/bid/104584), [Red Hat Security Advisory](https://access.redhat.com/errata/RHSA-2018:3032).