Oval Definition:oval:com.ubuntu.disco:def:2018186050000000
Revision Date:2018-10-23Version:1
Title:CVE-2018-18605 on Ubuntu 19.04 (disco) - low.
Description:A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-18605
Platform(s):Ubuntu 19.04
Product(s):
Definition Synopsis
  • Ubuntu 19.04 (disco) is installed.
  • AND binutils package in disco, is related to the CVE in some way and has been fixed (note: '2.32-7ubuntu4').
  • BACK