GNU Binutils CVE-2018-20712 Heap Buffer Overflow Vulnerability

GNU Binutils is prone to a heap-based buffer-overflow vulnerability.

Attackers can exploit this issue to cause denial-of-service condition, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.
GNU Binutils version 2.31.1 is vulnerable.

Information

Bugtraq ID: 106563
Class: Boundary Condition Error
CVE: CVE-2018-20712

Remote: Yes
Local: No
Published: Jan 14 2019 12:00AM
Updated: Jan 14 2019 12:00AM
Credit: Cheng Wen.
Vulnerable: GNU Binutils 2.31.1

Not Vulnerable:

Exploit

The researcher who discovered this issue has created a proof-of-concepts. Please see the references for more information.

References:

GCC Home Page (GNU)
GCC Bugzilla â?? Bug 88629 (Gnu)
Sourceware Bugzilla â?? Bug 24043 (Sourceware)

Source: www.securityfocus.com

Exploit Collector

Search Exploit