First published: Thu Mar 22 2018(Updated: )
binutils through version 2.30 has a vulnerability in the elf.c:bfd_section_from_shdr() functionof the Binary File Descriptor (BFD) library (aka libbfd). An attacker could exploit this with a crafted executable file to cause a crash. Upstream Bug: <a href="https://sourceware.org/bugzilla/show_bug.cgi?id=22809">https://sourceware.org/bugzilla/show_bug.cgi?id=22809</a> Upstream Patch: <a href="https://sourceware.org/bugzilla/attachment.cgi?id=10814&action=diff">https://sourceware.org/bugzilla/attachment.cgi?id=10814&action=diff</a>
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.30 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.50.20241215-1 2.43.50.20241221-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-8945 is a vulnerability in the Binary File Descriptor (BFD) library, also known as libbfd, which can cause a denial of service attack by triggering a segmentation fault.
CVE-2018-8945 can cause a denial of service (segmentation fault) on systems running GNU Binutils 2.30 or earlier versions.
CVE-2018-8945 has a low severity level.
GNU Binutils 2.30 and earlier versions are affected by CVE-2018-8945.
To fix CVE-2018-8945, update to GNU Binutils version 2.30.90.20180627-1 or later.