First published: Tue Jul 23 2019(Updated: )
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.
Credit: josh@bress.net
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | >=2.21<=2.31.1 | |
GNU binutils gold | >=1.11<=1.16 | |
Netapp Hci Management Node | ||
Netapp Solidfire |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2019-1010204.
The severity rating of CVE-2019-1010204 is 5.5 (Medium).
CVE-2019-1010204 affects GNU binutils gold versions 1.11 to 1.16 and GNU binutils versions 2.21 to 2.31.1.
The impact of CVE-2019-1010204 is denial of service.
There are no known fixes or patches available for this vulnerability at the moment. It is recommended to follow the recommendations provided by the software vendor or project maintainers.