View | Details | Raw Unified | Return to bug 256133 | Differences between
and this patch

Collapse All | Expand All

(-)b/security/vuxml/vuln-2021.xml (-1 / +27 lines)
Lines 1-3 Link Here
1
  <vuln vid="f4c54b81-bcc8-11eb-a7a6-080027f515ea">
2
    <topic>binutils -- excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()</topic>
3
    <affects>
4
      <package>
5
	<name>binutils</name>
6
	<range><lt>2.36</lt></range>
7
      </package>
8
    </affects>
9
    <description>
10
      <body xmlns="http://www.w3.org/1999/xhtml">
11
	<p>Hao Wang reports:</p>
12
	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3487">
13
	  <p>
14
	    There's a flaw in the BFD library of binutils in versions before 2.36.
15
	    An attacker who supplies a crafted file to an application linked with BFD,
16
	    and using the DWARF functionality, could cause an impact to system
17
	    availability by way of excessive memory consumption.
18
	  </p>
19
      <cvename>CVE-2021-3487</cvename>
20
      <url>https://sourceware.org/bugzilla/show_bug.cgi?id=26946</url>
21
    </references>
22
    <dates>
23
      <discovery>2020-11-25</discovery>
24
      <entry>2021-05-24</entry>
25
    </dates>
26
  </vuln>
27
1
  <vuln vid="e80073d7-f8ba-11eb-b141-589cfc007716">
28
  <vuln vid="e80073d7-f8ba-11eb-b141-589cfc007716">
2
    <topic>xtrlock -- xtrlock does not block multitouch events</topic>
29
    <topic>xtrlock -- xtrlock does not block multitouch events</topic>
3
    <affects>
30
    <affects>
4
- 

Return to bug 256133