GNU Binutils 'libiberty' CVE-2019-14250 Integer Overflow Vulnerability

GNU Binutils is prone to an integer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer.
Attackers can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition.
GNU Binutils version 2.32 is vulnerable.


Bugtraq ID: 109354
Class: Boundary Condition Error
CVE: CVE-2019-14250

Remote: Yes
Local: No
Published: Jul 24 2019 12:00AM
Updated: Jul 24 2019 12:00AM
Credit: Ren Kimura
Vulnerable: GNU libiberty 9.1.0
GNU libiberty 0
GNU Binutils 2.32

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts