ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2021.0341
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2021-0341)
Resumen:	The remote host is missing an update for the 'binutils' package(s) announced via the MGASA-2021-0341 advisory.
Descripción:	Summary: The remote host is missing an update for the 'binutils' package(s) announced via the MGASA-2021-0341 advisory. Vulnerability Insight: This update provides binutils 2.36.1 and fixes at least the following security issues: There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption (CVE-2021-3487). There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink (CVE-2021-20197). For more info about the 2.36 update, see the sourceware link. Affected Software/OS: 'binutils' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 3.3 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-20197 GLSA-202208-30 https://security.gentoo.org/glsa/202208-30 https://bugzilla.redhat.com/show_bug.cgi?id=1913743 https://security.netapp.com/advisory/ntap-20210528-0009/ https://sourceware.org/bugzilla/show_bug.cgi?id=26945 Common Vulnerability Exposure (CVE) ID: CVE-2021-3487
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.