CVE-2018-19931

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
Group Package Affected Fixed Severity Status Ticket
AVG-832 binutils 2.31.1-4 2.32-1 High Fixed
Date Advisory Group Package Severity Description
04 Jun 2019 ASA-201906-3 AVG-832 binutils High multiple issues
References
https://sourceware.org/bugzilla/show_bug.cgi?id=23942
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07