vulnerability
SUSE: CVE-2017-15939: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Oct 27, 2017 | Oct 19, 2018 | Feb 4, 2022 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Oct 27, 2017
Added
Oct 19, 2018
Modified
Feb 4, 2022
Description
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023.
Solution(s)
suse-upgrade-binutilssuse-upgrade-binutils-develsuse-upgrade-binutils-devel-32bitsuse-upgrade-binutils-goldsuse-upgrade-cross-aarch64-binutilssuse-upgrade-cross-arm-binutilssuse-upgrade-cross-avr-binutilssuse-upgrade-cross-epiphany-binutilssuse-upgrade-cross-hppa-binutilssuse-upgrade-cross-hppa64-binutilssuse-upgrade-cross-i386-binutilssuse-upgrade-cross-ia64-binutilssuse-upgrade-cross-m68k-binutilssuse-upgrade-cross-mips-binutilssuse-upgrade-cross-ppc-binutilssuse-upgrade-cross-ppc64-binutilssuse-upgrade-cross-ppc64le-binutilssuse-upgrade-cross-riscv64-binutilssuse-upgrade-cross-rx-binutilssuse-upgrade-cross-s390-binutilssuse-upgrade-cross-s390x-binutilssuse-upgrade-cross-sparc-binutilssuse-upgrade-cross-sparc64-binutilssuse-upgrade-cross-spu-binutilssuse-upgrade-libctf-nobfd0suse-upgrade-libctf0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.