VYPR
Medium severity5.5OSV Advisory· Published Jul 1, 2018· Updated Jun 17, 2026

CVE-2018-13033

CVE-2018-13033

Description

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • GNU/BinutilsOSV2 versions
    binutils-2_30, gdb-4_18-branchpoint, gdb-7.10-branchpoint, …+ 1 more
    • (no CPE)range: binutils-2_30, gdb-4_18-branchpoint, gdb-7.10-branchpoint, …
    • (no CPE)range: =2.30

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.