Lucene search

K
mageiaGentoo FoundationMGASA-2018-0046
HistoryJan 03, 2018 - 5:22 p.m.

Updated binutils packages fix security vulnerability

2018-01-0317:22:14
Gentoo Foundation
advisories.mageia.org
22

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.026

Percentile

90.3%

Exploitable buffer overflow (CVE-2016-2226). Invalid write due to a use-after-free to array btypevec (CVE-2016-4487). Invalid write due to a use-after-free to array ktypevec (CVE-2016-4488). Invalid write due to integer overflow (CVE-2016-4489). Write access violation (CVE-2016-4490). Write access violations (CVE-2016-4492). Read access violations (CVE-2016-4493). Stack buffer overflow when printing bad bytes in Intel Hex objects (CVE-2016-6131). readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well (CVE-2017-6969). objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash (CVE-2017-7210).

OSVersionArchitecturePackageVersionFilename
Mageia5noarchbinutils< 2.24-12.1binutils-2.24-12.1.mga5

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.026

Percentile

90.3%