Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

SUSE: 2019:2779-1 Moderate: Binutils Denial of Service Issues

suse
Calendar Grey October 24, 2019
Dist Suse Esm H88
SUSE Security Update: Security update for binutils _________________________________________________
An update that fixes 28 vulnerabilities is now available

Summary

This update for binutils fixes the following issues: binutils was updated to current 2.32 branch [jsc#ECO-368]. Includes following security fixes: - CVE-2018-17358: Fixed invalid memory access in _bfd_stab_section_find_nearest_line in syms.c (bsc#1109412) - CVE-2018-17359: Fixed invalid memory access exists in bfd_zalloc in opncls.c (bsc#1109413) - CVE-2018-17360: Fixed heap-based buffer over-read in bfd_getl32 in libbfd.c (bsc#1109414) - CVE-2018-17985: Fixed a stack consumption problem caused by the cplus_demangle_type (bsc#1116827) - CVE-2018-18309: Fixed an invalid memory address dereference was discovered in read_reloc in reloc.c (bsc#1111996) - CVE-2018-18483: Fixed get_count function provided by libiberty that allowed attackers to cause a denial of service or other unspecified

References

#1109412 #1109413 #1109414 #1111996 #1112534

#1112535 #1113247 #1113252 #1113255 #1116827

#1118644 #1118830 #1118831 #1120640 #1121034

#1121035 #1121056 #1133131 #1133232 #1141913

#1142772 #1152590 #1154016 #1154025

Cross- CVE-2018-1000876 CVE-2018-17358 CVE-2018-17359

CVE-2018-17360 CVE-2018-17985 CVE-2018-18309

CVE-2018-18483 CVE-2018-18484 CVE-2018-18605

CVE-2018-18606 CVE-2018-18607 CVE-2018-19931

CVE-2018-19932 CVE-2018-20623 CVE-2018-20651

CVE-2018-20671 CVE-2018-6323 CVE-2018-6543

CVE-2018-6759 CVE-2018-6872 CVE-2018-7208

CVE-2018-7568 CVE-2018-7569 CVE-2018-7570

CVE-2018-7642 CVE-2018-7643 CVE-2018-8945

CVE-2019-1010180

Affected Products:

SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1

Announcement ID: SUSE-SU-2019:2779-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.