CVE-2018-10534 -- binutilsID: oval:org.secpod.oval:def:1902064 | Date: (C)2019-06-10 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.04 |