Lines 1-3
Link Here
|
|
|
1 |
<vuln vid="f4c54b81-bcc8-11eb-a7a6-080027f515ea"> |
2 |
<topic>binutils -- excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()</topic> |
3 |
<affects> |
4 |
<package> |
5 |
<name>binutils</name> |
6 |
<range><lt>2.33.1_5</lt></range> |
7 |
</package> |
8 |
</affects> |
9 |
<description> |
10 |
<body xmlns="http://www.w3.org/1999/xhtml"> |
11 |
<p>Hao Wang reports:</p> |
12 |
<blockquote cite="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3487"> |
13 |
<p> |
14 |
There's a flaw in the BFD library of binutils in versions before 2.36. |
15 |
An attacker who supplies a crafted file to an application linked with BFD, |
16 |
and using the DWARF functionality, could cause an impact to system |
17 |
availability by way of excessive memory consumption. |
18 |
</p> |
19 |
</blockquote> |
20 |
</body> |
21 |
</description> |
22 |
<references> |
23 |
<cvename>CVE-2021-3487</cvename> |
24 |
<url>https://sourceware.org/bugzilla/show_bug.cgi?id=26946</url> |
25 |
</references> |
26 |
<dates> |
27 |
<discovery>2020-11-25</discovery> |
28 |
<entry>2021-08-13</entry> |
29 |
</dates> |
30 |
</vuln> |
31 |
|
1 |
<vuln vid="e9200f8e-fd34-11eb-afb1-c85b76ce9b5a"> |
32 |
<vuln vid="e9200f8e-fd34-11eb-afb1-c85b76ce9b5a"> |
2 |
<topic>lynx -- SSL certificate validation error</topic> |
33 |
<topic>lynx -- SSL certificate validation error</topic> |
3 |
<affects> |
34 |
<affects> |
4 |
- |
|
|