CVE-2019-9077 - An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_spe

CVE-2019-9077

Summary

An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.

References

Vulnerable Configurations

cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*
cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-08-2023 - 14:17)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	107139
confirm	https://security.netapp.com/advisory/ntap-20190314-0003/ https://support.f5.com/csp/article/K00056379
misc	https://sourceware.org/bugzilla/show_bug.cgi?id=24243
suse	openSUSE-SU-2020:1790 openSUSE-SU-2020:1804
ubuntu	USN-4336-1

Last major update

16-08-2023 - 14:17

Published

24-02-2019 - 00:29

Last modified

16-08-2023 - 14:17