An issue exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu binutils 2.32 |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
canonical ubuntu linux 18.04 |