CVE-2019-1010204
Summary
| CVE | CVE-2019-1010204 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-07-23 14:15:00 UTC |
| Updated | 2023-11-07 03:02:00 UTC |
| Description | GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened. |
Risk And Classification
Problem Types: CWE-125 | CWE-681
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnu | Binutils | All | All | All | All |
| Application | Gnu | Binutils Gold | All | All | All | All |
| Application | Netapp | Hci Management Node | - | All | All | All |
| Application | Netapp | Solidfire | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 23765 – Malformed ELF header causes Out of Bounds read | MISC | sourceware.org | Issue Tracking, Third Party Advisory |
| CVE-2019-1010204 GNU Binutils Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| support.f5.com/csp/article/K05032915 | CONFIRM | support.f5.com | |
| myF5 | support.f5.com | ||
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.