ReportizFlow
Filtered by vendor Gnu
Subscriptions
Filtered by product Binutils
Subscriptions
Total
247 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16832 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-12448 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c. | ||||
| CVE-2017-6966 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. | ||||
| CVE-2017-14938 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. | ||||
| CVE-2017-15025 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file. | ||||
| CVE-2017-16826 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-16827 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. | ||||
| CVE-2017-16830 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. | ||||
| CVE-2017-12454 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | ||||
| CVE-2017-8394 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. | ||||
| CVE-2017-16828 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | ||||
| CVE-2017-17122 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-16831 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. | ||||
| CVE-2017-12450 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | ||||
| CVE-2017-9747 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug. | ||||
| CVE-2017-9040 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt. | ||||
| CVE-2017-12456 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | ||||
| CVE-2017-9039 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c. | ||||
| CVE-2017-9753 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | ||||
| CVE-2017-9038 | 1 Gnu | 1 Binutils | 2025-04-20 | N/A |
| GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets. | ||||