View | Details | Raw Unified | Return to bug 256133 | Differences between
and this patch

Collapse All | Expand All

(-)b/security/vuxml/vuln-2021.xml (-1 / +31 lines)
Lines 1-3 Link Here
1 
  <vuln vid="f4c54b81-bcc8-11eb-a7a6-080027f515ea">
2 
    <topic>binutils -- excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()</topic>
3 
    <affects>
4 
      <package>
5 
	<name>binutils</name>
6 
	<range><lt>2.33.1_5</lt></range>
7 
      </package>
8 
    </affects>
9 
    <description>
10 
      <body xmlns="http://www.w3.org/1999/xhtml">
11 
	<p>Hao Wang reports:</p>
12 
	<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3487">
13 
	  <p>
14 
	    There's a flaw in the BFD library of binutils in versions before 2.36.
15 
	    An attacker who supplies a crafted file to an application linked with BFD,
16 
	    and using the DWARF functionality, could cause an impact to system
17 
	    availability by way of excessive memory consumption.
18 
	  </p>
19 
	</blockquote>
20 
      </body>
21 
    </description>
22 
    <references>
23 
      <cvename>CVE-2021-3487</cvename>
24 
      <url>https://sourceware.org/bugzilla/show_bug.cgi?id=26946</url>
25 
    </references>
26 
    <dates>
27 
      <discovery>2020-11-25</discovery>
28 
      <entry>2021-08-13</entry>
29 
    </dates>
30 
  </vuln>
31 

            

        

          1
          
  <vuln vid="e9200f8e-fd34-11eb-afb1-c85b76ce9b5a">

          32
          
  <vuln vid="e9200f8e-fd34-11eb-afb1-c85b76ce9b5a">

        

        

          2
          
    <topic>lynx -- SSL certificate validation error</topic>

          33
          
    <topic>lynx -- SSL certificate validation error</topic>

        

        

          3
          
    <affects>

          34
          
    <affects>

        

            

              4
              
- 

              
              
            






  

  Return to bug 256133