GNU Binutils CVE-2018-10372 Remote Buffer Overflow Vulnerability
BID:103976
CVE-2018-10372 |Info
GNU Binutils CVE-2018-10372 Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 103976 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2018-10372 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 25 2018 12:00AM |
| Updated: | Apr 25 2018 12:00AM |
| Credit: | Thuan |
| Vulnerable: |
GNU Binutils 2.30 |
| Not Vulnerable: | |
Discussion
GNU Binutils CVE-2018-10372 Remote Buffer Overflow Vulnerability
GNU Binutils is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.
GNU Binutils 2.30 is vulnerable; other versions may also be affected.
GNU Binutils is prone to a remote buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.
GNU Binutils 2.30 is vulnerable; other versions may also be affected.