CVE-2019-9075

HIGH

GNU Binutils - Out-of-Bounds Write

Title source: rule

Description

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.

References (7)

Scores

CVSS v3 7.8
EPSS 0.0027
EPSS Percentile 50.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE
CWE-787
Status published

Affected Products (30)

gnu/binutils
netapp/hci_management_node
netapp/solidfire
canonical/ubuntu_linux
f5/big-ip_access_policy_manager
f5/big-ip_access_policy_manager
f5/big-ip_advanced_firewall_manager
f5/big-ip_advanced_firewall_manager
f5/big-ip_analytics
f5/big-ip_analytics
f5/big-ip_application_acceleration_manager
f5/big-ip_application_acceleration_manager
f5/big-ip_application_security_manager
f5/big-ip_application_security_manager
f5/big-ip_domain_name_system
... and 15 more

Timeline

Published Feb 24, 2019
Tracked Since Feb 18, 2026