Home > Vulnerability Database > CVE-2018-19932

Mend.io Vulnerability Database

CVE-2018-19932

Date: December 7, 2018

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.

Language: DEBIAN

Severity Score

5.5

Related Resources (13)

Url: http://www.securityfocus.com/bid/106144

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19932

Url: https://usn.ubuntu.com/4336-1/

Url: https://access.redhat.com/security/cve/CVE-2018-19932

Url: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=beab453223769279cc1cef68a1622ab8978641f7

Url: https://sourceware.org/bugzilla/show_bug.cgi?id=23932

Url: https://security.netapp.com/advisory/ntap-20190221-0004/

Url: https://security-tracker.debian.org/tracker/CVE-2018-19932

Url: https://security.gentoo.org/glsa/201908-01

Url: https://nvd.nist.gov/vuln/detail/CVE-2018-19932

Url: http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html

Url: http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html

Url: https://www.mend.io/vulnerability-database/CVE-2018-19932

Severity Score

5.5

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

CVSS v2

Base Score:	4.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2018-19932

Date: December 7, 2018

Language: DEBIAN

Severity Score

Related Resources (13)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?