Security Fix(es) :

  - binutils: Improper bounds check in     coffgen.c:coff_pointerize_aux() allows for denial of     service when parsing a crafted COFF file (CVE-2018-7208)

  - binutils: integer overflow via an ELF file with corrupt     dwarf1 debug information in libbfd library     (CVE-2018-7568)

  - binutils: integer underflow or overflow via an ELF file     with a corrupt DWARF FORM block in libbfd library     (CVE-2018-7569)

  - binutils: NULL pointer dereference in swap_std_reloc_in     function in aoutx.h resulting in crash (CVE-2018-7642)

  - binutils: Integer overflow in the display_debug_ranges     function resulting in crash (CVE-2018-7643)

  - binutils: Crash in elf.c:bfd_section_from_shdr() with     crafted executable (CVE-2018-8945)

  - binutils: Heap-base buffer over-read in     dwarf.c:process_cu_tu_index() allows for denial of     service via crafted file (CVE-2018-10372)

  - binutils: NULL pointer dereference in     dwarf2.c:concat_filename() allows for denial of service     via crafted file (CVE-2018-10373)

  - binutils: out of bounds memory write in peXXigen.c files     (CVE-2018-10534)

  - binutils: NULL pointer dereference in elf.c     (CVE-2018-10535)

  - binutils: Uncontrolled Resource Consumption in execution     of nm (CVE-2018-13033)

Detections

Analytics

Scientific Linux Security Update : binutils on SL7.x x86_64 (20181030)

high Nessus Plugin ID 119179

Version 1.6