Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU Binutils 缓冲区错误漏洞
Vulnerability Description
GNU Binutils(GNU Binary Utilities或binutils)是GNU社区的开发的一组编程语言工具程序。该程序主要用于处理多种格式的目标文件,并提供有连接器、汇编器和其他用于目标文件和档案的工具。 GNU Binutils 2.31版本中的BFD库的merge.c文件的‘sec_merge_hash_lookup’函数存在基于堆的缓冲区越界读取漏洞。远程攻击者可借助特制的ELF文件利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A