First published: Thu Oct 18 2018(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.31 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.50.20241215-1 2.43.50.20241221-1 |
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=1910070b298052d7ca8e4024891465824588c1e9
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-18483 is a vulnerability in GNU libiberty as distributed in GNU Binutils 2.31 that allows remote attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-18483 can be exploited by remote attackers using a crafted string to trigger a denial of service or other unspecified impact.
Ubuntu binutils versions 2.30-21ubuntu1~18.04.3 (bionic) and 2.26.1-1ubuntu1~16.04.8+ (xenial), as well as Ubuntu libiberty versions 20170913-1ubuntu0.1 (bionic) and 20160215-1ubuntu0.3 (xenial) are affected by CVE-2018-18483.
For Ubuntu bionic, upgrade the binutils package to version 2.30-21ubuntu1~18.04.3 or later, and for Ubuntu xenial, upgrade the binutils package to version 2.26.1-1ubuntu1~16.04.8+ or later, and upgrade the libiberty package to version 20170913-1ubuntu0.1 or later.
You can find more information about CVE-2018-18483 at the following references: [CVE-2018-18483 on gcc.gnu.org](https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87602), [CVE-2018-18483 on sourceware.org](https://sourceware.org/bugzilla/show_bug.cgi?id=23767), [CVE-2018-18483 on securityfocus.com](http://www.securityfocus.com/bid/105689).