Published: 02/02/2018 Updated: 31/10/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu binutils 2.30

In GNU Binutils 230, there's an integer overflow in the function load_specific_debug_section() in objdumpc, which results in `malloc()` with 0 size A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact ...

NYU Offensive Security 2022 Lecture - Heaps and Vulnerability Research (VR) CVE-2018-6543 The example for this lecture is a heap overflow bug in binutils's objdump utility that can lead to a heap overflow and memory corruption Some useful links are below: CVE Details Source Code pre-patch Patch Diff Tools used in the demos: CodeQL Binary Ninja Frida

CWE-190 https://sourceware.org/bugzilla/show_bug.cgi?id=22769 http://www.securityfocus.com/bid/102985 https://security.gentoo.org/glsa/201811-17 http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html https://nvd.nist.gov https://github.com/comed-ian/OffSec_2022_lecture https://access.redhat.com/security/cve/cve-2018-6543

CVE-2018-6543

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect