Filtered by vendor Gnu Subscriptions
Filtered by product Binutils Subscriptions
Total 224 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-35206 1 Gnu 1 Binutils 2024-11-21 5.5 Medium
Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.
CVE-2022-35205 1 Gnu 1 Binutils 2024-11-21 5.5 Medium
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.
CVE-2021-46174 2 Binutils, Gnu 2 Objdump, Binutils 2024-11-21 7.5 High
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
CVE-2021-45078 5 Debian, Fedoraproject, Gnu and 2 more 5 Debian Linux, Fedora, Binutils and 2 more 2024-11-21 7.8 High
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.
CVE-2021-3549 1 Gnu 1 Binutils 2024-11-21 7.1 High
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
CVE-2021-3530 2 Gnu, Netapp 2 Binutils, Ontap Select Deploy Administration Utility 2024-11-21 7.5 High
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
CVE-2021-37322 1 Gnu 2 Binutils, Gcc 2024-11-21 7.8 High
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
CVE-2021-32256 1 Gnu 1 Binutils 2024-11-21 6.5 Medium
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
CVE-2021-20294 1 Gnu 1 Binutils 2024-11-21 7.8 High
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.
CVE-2021-20284 3 Gnu, Netapp, Redhat 4 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more 2024-11-21 5.5 Medium
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.
CVE-2021-20197 4 Broadcom, Gnu, Netapp and 1 more 6 Brocade Fabric Operating System Firmware, Binutils, Cloud Backup and 3 more 2024-11-21 6.3 Medium
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.
CVE-2020-35507 4 Broadcom, Gnu, Netapp and 1 more 9 Brocade Fabric Operating System, Binutils, Cloud Backup and 6 more 2024-11-21 5.5 Medium
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.
CVE-2020-35496 4 Broadcom, Fedoraproject, Gnu and 1 more 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more 2024-11-21 5.5 Medium
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
CVE-2020-35495 4 Broadcom, Fedoraproject, Gnu and 1 more 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more 2024-11-21 5.5 Medium
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.
CVE-2020-35494 4 Broadcom, Fedoraproject, Gnu and 1 more 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more 2024-11-21 6.1 Medium
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.
CVE-2020-35493 4 Broadcom, Fedoraproject, Gnu and 1 more 9 Brocade Fabric Operating System Firmware, Fedora, Binutils and 6 more 2024-11-21 5.5 Medium
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.
CVE-2020-35448 3 Gnu, Netapp, Redhat 3 Binutils, Ontap Select Deploy Administration Utility, Enterprise Linux 2024-11-21 3.3 Low
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.
CVE-2020-35342 1 Gnu 1 Binutils 2024-11-21 7.5 High
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak.
CVE-2020-21490 1 Gnu 1 Binutils 2024-11-21 5.5 Medium
An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled.
CVE-2020-19726 1 Gnu 1 Binutils 2024-11-21 8.8 High
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.