GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
2.34-6ubuntu1.92.38-4ubuntu2.62.24-5ubuntu14.2+esm52.26.1-1ubuntu1~16.04.8+esm92.30-21ubuntu1~18.04.9+esm3Exploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:NI:NA:HCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H