suse · CVE-2018-6759

Quick triage

Priority: medium Published: 2021-05-30 14:10:50 UTC Updated: 2026-04-17 15:32:14 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-6759 severity moderate: SUSE including 386 source package names (0.23.1-12.3:binutils-2.32-7.5.1, 0.3.2-1.2:binutils-2.32-7.5.1, …), 805 product×package rows across 326 product lines (Container bci/bci-sle15-kernel-module-devel, Container bci/gcc, … (326 product lines)): Fixed 547, Known Affected 231, Known Not Affected 27.

Description:

The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file.

cvelogic Threat Intelligence