DEBIAN-CVE-2018-17359

DEBIAN-CVE-2018-17359 PUBLISHED CVSS 5.5 MEDIUM

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file.

Risk Scores

CVSS v3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	binutils	0, 0, 0
Debian:13	binutils	0, 0, 0
Debian:14	binutils	0, 0, 0
Debian:12	binutils	0, 0, 0

Timeline

Sep 23, 2018 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2018-17359 advisory

Open in Interactive Console →