{ "affected": [ { "database_specific": { "unresolved_ranges": [ { "events": [ { "introduced": "0" }, { "last_affected": "18.04" } ] } ] }, "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "2.32" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "a9d9a104dde6a749f40ce5c4576a0042a7d52d1f" } ], "repo": "https://sourceware.org/git/binutils-gdb.git", "type": "GIT" } ] } ], "details": "An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.", "id": "CVE-2019-9074", "modified": "2026-03-15T21:47:25.008431611Z", "published": "2019-02-24T00:29:00.457Z", "references": [ { "type": "ADVISORY", "url": "https://security.gentoo.org/glsa/202107-24" }, { "type": "ADVISORY", "url": "https://support.f5.com/csp/article/K09092524" }, { "type": "ADVISORY", "url": "https://usn.ubuntu.com/4336-1/" }, { "type": "ADVISORY", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html" }, { "type": "ADVISORY", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html" }, { "type": "REPORT", "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24235" }, { "type": "FIX", "url": "https://security.netapp.com/advisory/ntap-20190314-0003/" } ], "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }