{"id":"CVE-2019-9075","details":"An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.","modified":"2026-05-15T12:04:02.156182085Z","published":"2019-02-24T00:29:00.500Z","related":["SUSE-SU-2020:3060-1","SUSE-SU-2020:3552-1","SUSE-SU-2021:3593-1","openSUSE-SU-2020:1790-1","openSUSE-SU-2020:1804-1","openSUSE-SU-2024:10651-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"],"extracted_events":[{"last_affected":"18.04"}],"source":"CPE_FIELD","vendor_product":"canonical:ubuntu_linux"},{"cpes":["cpe:2.3:a:f5:big-ip_access_policy_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_access_policy_manager:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_access_policy_manager","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_advanced_firewall_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_advanced_firewall_manager:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_advanced_firewall_manager","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_analytics:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_analytics:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_analytics","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_application_acceleration_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_application_acceleration_manager:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_application_acceleration_manager","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_application_security_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_application_security_manager:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_application_security_manager","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_domain_name_system:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_domain_name_system:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_domain_name_system","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_edge_gateway:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_edge_gateway:15.0.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}],"source":"CPE_FIELD","vendor_product":"f5:big-ip_edge_gateway"},{"cpes":["cpe:2.3:a:f5:big-ip_fraud_protection_service:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_fraud_protection_service:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_fraud_protection_service","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_global_traffic_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_global_traffic_manager:15.0.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}],"source":"CPE_FIELD","vendor_product":"f5:big-ip_global_traffic_manager"},{"cpes":["cpe:2.3:a:f5:big-ip_link_controller:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_link_controller:15.0.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}],"source":"CPE_FIELD","vendor_product":"f5:big-ip_link_controller"},{"cpes":["cpe:2.3:a:f5:big-ip_local_traffic_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_local_traffic_manager:15.0.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_local_traffic_manager","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_policy_enforcement_manager:14.1.0:*:*:*:*:*:*:*","cpe:2.3:a:f5:big-ip_policy_enforcement_manager:15.0.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"14.1.0"},{"last_affected":"15.0.0"}],"source":"CPE_FIELD","vendor_product":"f5:big-ip_policy_enforcement_manager"},{"cpes":["cpe:2.3:a:f5:big-ip_policy_webaccelerator:14.1.0:*:*:*:*:*:*:*"],"vendor_product":"f5:big-ip_policy_webaccelerator","source":"CPE_FIELD","extracted_events":[{"last_affected":"14.1.0"}]},{"cpes":["cpe:2.3:a:f5:big-ip_webaccelerator:15.0.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"15.0.0"}],"source":"CPE_FIELD","vendor_product":"f5:big-ip_webaccelerator"}]},"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202107-24"},{"type":"ADVISORY","url":"https://support.f5.com/csp/article/K42059040"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4336-1/"},{"type":"REPORT","url":"https://sourceware.org/bugzilla/show_bug.cgi?id=24236"},{"type":"FIX","url":"https://security.netapp.com/advisory/ntap-20190314-0003/"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}