CVE-2018-19932

Published: 7 December 2018

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.

Priority

CVSS 3 base score: 5.5

Status

Package	Release	Status
binutils Launchpad, Ubuntu, Debian	bionic	Released (2.30-21ubuntu1~18.04.3)
	cosmic	Ignored (reached end-of-life)
	disco	Not vulnerable (2.32-7ubuntu4)
	eoan	Not vulnerable (2.32-8ubuntu1)
	focal	Not vulnerable (2.32-8ubuntu1)
	groovy	Not vulnerable (2.32-8ubuntu1)
	hirsute	Not vulnerable (2.32-8ubuntu1)
	impish	Not vulnerable (2.32-8ubuntu1)
	jammy	Not vulnerable (2.32-8ubuntu1)
	kinetic	Not vulnerable (2.32-8ubuntu1)
	precise	Ignored (end of ESM support, was needs-triage)
	trusty	Needs triage
	upstream	Needs triage
	xenial	Released (2.26.1-1ubuntu1~16.04.8+esm1)
	Patches: upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7

References

Bugs

https://sourceware.org/bugzilla/show_bug.cgi?id=23932

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Security