[ GLSA 201811-17 ] Binutils

[GLSA]

Gentoo Linux Security Advisory

Title: Binutils: Multiple vulnerabilities (GLSA 201811-17)
Severity: normal
Exploitable: remote
Date: 2018-11-27
Bug(s): #634196, #637642, #639692, #639768, #647798, #649690
ID: 201811-17

Synopsis

Multiple vulnerabilities have been found in Binutils, the worst of
which may allow remote attackers to cause a Denial of Service condition.


Background

The GNU Binutils are a collection of tools to create, modify and analyse
binary files. Many of the files use BFD, the Binary File Descriptor
library, to do low-level manipulation.


Affected Packages

Package: sys-devel/binutils
Vulnerable: < 2.30-r2
Unaffected: >= 2.30-r2
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Binutils. Please review
the referenced CVE identifiers for details.


Impact

A remote attacker, by enticing a user to compile/execute a specially
crafted ELF, object, PE, or binary file, could possibly cause a Denial of
Service condition or have other unspecified impacts.


Workaround

There is no known workaround at this time.

Resolution

All Binutils users should upgrade to the latest version: