CVE-2018-7642 – GNU Binutils 2.30

Are you aware of CVE-2018-7642? Bug found GNU Binutils 2.30 on 24th Feb 2018. However it noted to my interest that Binutils 2.30 released on 27th Jan 2018. But 3 weeks later, found a system bug causes system crash. The flaw is that it lack of check if “sym” is null. The bug was fixed on 28th Feb 2018. But I was wondering that GNU Binary Utilities, or binutils, are a set of programming tools for creating and managing binary programs, object files, libraries, profile data, and assembly source code. So if you are using GNU Binutils version 2.30, you must be staying alert! Perhaps the design flaw only encounter system crash. But it  is under my observation.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.