 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.1.10.2020.0112 |
| Category: | Mageia Linux Local Security Checks |
| Title: | Mageia: Security Advisory (MGASA-2020-0112) |
| Summary: | The remote host is missing an update for the 'binutils' package(s) announced via the MGASA-2020-0112 advisory. |
| Description: | Summary: The remote host is missing an update for the 'binutils' package(s) announced via the MGASA-2020-0112 advisory. Vulnerability Insight: This update provides the binutils 2.33.1 and fixes at least the following security issues: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap- based buffer overflow (CVE-2019-14250). find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file )CVE-2019-17450). An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm (CVE-2019-17451). GNU binutils gold linker is affected by Improper Input Validation, Signed/ Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The attack vector is: An ELF file with an invalid e_shoff header field must be opened (CVE-2019-1010204). For more information about the other changes and additional features of binutils / gas / ld in this update, see the referenced sourceware.org NEWS links. Affected Software/OS: 'binutils' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-1010204 https://sourceware.org/bugzilla/show_bug.cgi?id=23765 Common Vulnerability Exposure (CVE) ID: CVE-2019-14250 BugTraq ID: 109354 http://www.securityfocus.com/bid/109354 https://security.gentoo.org/glsa/202007-39 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924 https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html SuSE Security Announcement: openSUSE-SU-2019:2364 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html SuSE Security Announcement: openSUSE-SU-2019:2365 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html SuSE Security Announcement: openSUSE-SU-2020:0716 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html SuSE Security Announcement: openSUSE-SU-2020:1790 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html SuSE Security Announcement: openSUSE-SU-2020:1804 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html https://usn.ubuntu.com/4326-1/ https://usn.ubuntu.com/4336-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-17450 https://sourceware.org/bugzilla/show_bug.cgi?id=25078 Common Vulnerability Exposure (CVE) ID: CVE-2019-17451 https://sourceware.org/bugzilla/show_bug.cgi?id=25070 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1 |
| Copyright | Copyright (C) 2022 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |