CVE-2018-20002

Source
Severity Medium
Remote Yes
Type Denial of service
Description
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
Group Package Affected Fixed Severity Status Ticket
AVG-832 binutils 2.31.1-4 High Vulnerable
References
https://sourceware.org/bugzilla/show_bug.cgi?id=23952	
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9