View | Details | Raw Unified | Return to bug 256133 | Differences between
and this patch

Collapse All | Expand All

(-)b/security/vuxml/vuln-2021.xml (-1 / +27 lines)
Lines 1-3 Link Here
1 
  <vuln vid="f4c54b81-bcc8-11eb-a7a6-080027f515ea">
2 
    <topic>binutils -- excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()</topic>
3 
    <affects>
4 
      <package>
5 
	<name>binutils</name>
6 
	<range><lt>2.33.1_5</lt></range>
7 
      </package>
8 
    </affects>
9 
    <description>
10 
      <body xmlns="http://www.w3.org/1999/xhtml">
11 
	<p>Hao Wang reports:</p>
12 
	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3487">
13 
	  <p>
14 
	    There's a flaw in the BFD library of binutils in versions before 2.36.
15 
	    An attacker who supplies a crafted file to an application linked with BFD,
16 
	    and using the DWARF functionality, could cause an impact to system
17 
	    availability by way of excessive memory consumption.
18 
	  </p>
19 
      <cvename>CVE-2021-3487</cvename>
20 
      <url>https://sourceware.org/bugzilla/show_bug.cgi?id=26946</url>
21 
    </references>
22 
    <dates>
23 
      <discovery>2020-11-25</discovery>
24 
      <entry>2021-08-13</entry>
25 
    </dates>
26 
  </vuln>
27 

            

        

          1
          
  <vuln vid="b471130b-fb86-11eb-87db-6cc21735f730">

          28
          
  <vuln vid="b471130b-fb86-11eb-87db-6cc21735f730">

        

        

          2
          
    <topic>PostgreSQL server -- Memory disclosure in certain queries</topic>

          29
          
    <topic>PostgreSQL server -- Memory disclosure in certain queries</topic>

        

        

          3
          
    <affects>

          30
          
    <affects>

        

            

              4
              
- 

              
              
            






  

  Return to bug 256133