Vulnerability Details : CVE-2019-14250
Potential exploit
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
Vulnerability category: OverflowMemory Corruption
Products affected by CVE-2019-14250
- cpe:2.3:a:gnu:binutils:2.32:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
- cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-14250
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 36 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-14250
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
|
5.5
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2019-14250
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
-
The product writes data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-14250
-
https://security.netapp.com/advisory/ntap-20190822-0002/
August 2019 GNU Binutils Vulnerabilities in NetApp Products | NetApp Product SecurityBroken Link
-
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html
[security-announce] openSUSE-SU-2020:1790-1: moderate: Security update fMailing List;Third Party Advisory
-
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
90924 – lto-plugin/lto-plugin.c heap memory corruption due to insufficient sanitization.Exploit;Issue Tracking;Third Party Advisory
-
https://security.gentoo.org/glsa/202007-39
Binutils: Multiple vulnerabilities (GLSA 202007-39) — Gentoo securityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html
[security-announce] openSUSE-SU-2019:2364-1: moderate: Security update fMailing List;Third Party Advisory
-
https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
Ren Kimura - [PATCH] libiberty: Check zero value shstrndx in simple-object-elf.cExploit;Mailing List;Third Party Advisory
-
https://usn.ubuntu.com/4336-1/
USN-4336-1: GNU binutils vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html
[security-announce] openSUSE-SU-2019:2365-1: moderate: Security update fMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/109354
GNU Binutils 'libiberty' CVE-2019-14250 Integer Overflow VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
[security-announce] openSUSE-SU-2020:1804-1: moderate: Security update fMailing List;Third Party Advisory
-
https://usn.ubuntu.com/4326-1/
USN-4326-1: libiberty vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html
[security-announce] openSUSE-SU-2020:0716-1: moderate: Security update fMailing List;Third Party Advisory
Jump to