{"id":"CLSA-2021-1639670584","summary":"Fixed 36 CVEs in binutils","details":"- CVE-2018-6323: Fix unsigned integer overflow\n- CVE-2018-19931: Fix heap-based buffer overflow in bfd_elf32_swap_phdr_in\n- CVE-2018-6543: Fix integer overflow\n- CVE-2018-20671: Fix integer overflow vulnerability\n- CVE-2018-6759: Fix segmentation fault\n- CVE-2018-7208: Fix segmentation fault\n- CVE-2018-7568: Fix integer overflow\n- CVE-2018-7569: Fix integer underflow or overflow\n- CVE-2018-7642: Fix aout_32_swap_std_reloc_out NULL pointer dereference\n- CVE-2018-7643: Fix integer overflow\n- CVE-2018-8945: Fix segmentation fault\n- CVE-2018-13033: Fix excessive memory allocation\n- CVE-2018-10373: Fix NULL pointer dereference\n- CVE-2018-10535: Fix NULL pointer dereference\n- CVE-2018-18309: Fix invalid memory address dereference\n- CVE-2018-18605: Fix mishandles section merges\n- CVE-2018-18606: Fix NULL pointer dereference\n- CVE-2018-18607: Fix NULL pointer dereference in elf_link_input_bfd\n- CVE-2018-19932: Fix integer overflow and infinite loop\n- CVE-2018-20002: Fix memory consumption\n- CVE-2018-20623: Fix use-after-free in the error function\n- CVE-2018-1000876: Fix integer overflow trigger heap overflow\n- CVE-2019-9073: Fix excessive memory allocation\n- CVE-2019-9075: Fix heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap\n- CVE-2019-9077: Fix heap-based buffer overflow in process_mips_specific\n- CVE-2019-12972: Fix heap-based buffer over-read in _bfd_doprnt\n- CVE-2019-14444: Fix integer overflow\n- CVE-2019-17450: Fix infinite recursion\n- CVE-2016-2226: Fix integer overflow in the string_appends function in cplus-dem.c\n- CVE-2016-4487: Fix use-after-free vulnerability in libiberty\n- CVE-2016-4488: Fix use-after-free vulnerability in libiberty\n- CVE-2016-4489: Fix integer overflow in libiberty\n- CVE-2016-4490: Fix integer overflow in cp-demangle.c in libiberty\n- CVE-2016-4492: Fix buffer overflow in the do_type function in cplus-dem.c in libiberty\n- CVE-2016-4493: Fix out-of-bounds read in demangle_template_value_parm and do_hpacc_template_literal\n- CVE-2016-6131: Fix infinite loop, stack overflow","modified":"2026-05-27T11:33:06.888937437Z","published":"2021-12-16T16:03:04Z","upstream":["CVE-2016-2226","CVE-2016-4487","CVE-2016-4488","CVE-2016-4489","CVE-2016-4490","CVE-2016-4492","CVE-2016-4493","CVE-2016-6131","CVE-2018-1000876","CVE-2018-10373","CVE-2018-10535","CVE-2018-13033","CVE-2018-18309","CVE-2018-18605","CVE-2018-18606","CVE-2018-18607","CVE-2018-19931","CVE-2018-19932","CVE-2018-20002","CVE-2018-20623","CVE-2018-20671","CVE-2018-6323","CVE-2018-6543","CVE-2018-6759","CVE-2018-7208","CVE-2018-7568","CVE-2018-7569","CVE-2018-7642","CVE-2018-7643","CVE-2018-8945","CVE-2019-12972","CVE-2019-14444","CVE-2019-17450","CVE-2019-9073","CVE-2019-9075","CVE-2019-9077"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/ol6/CLSA-2021-1639670584.html"}],"affected":[{"package":{"name":"binutils","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/binutils?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2021-1639670584.json"}},{"package":{"name":"binutils-devel","ecosystem":"TuxCare:OracleLinux:6","purl":"pkg:rpm/tuxcare/binutils-devel?distro=oraclelinux-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.20.51.0.2-5.48.0.3.el6.tuxcare.ol.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2021-1639670584.json"}}],"schema_version":"1.7.5"}