Filtered by vendor Gnu
Subscriptions
Filtered by product Binutils
Subscriptions
Total
224 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-25588 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-09-25 | 4.7 Medium |
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service. | ||||
CVE-2023-25586 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-09-25 | 4.7 Medium |
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service. | ||||
CVE-2023-25585 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2024-09-25 | 4.7 Medium |
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service. | ||||
CVE-2017-12459 | 1 Gnu | 1 Binutils | 2024-09-17 | N/A |
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. | ||||
CVE-2017-15225 | 1 Gnu | 1 Binutils | 2024-09-17 | N/A |
_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. | ||||
CVE-2017-12458 | 1 Gnu | 1 Binutils | 2024-09-17 | N/A |
The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. | ||||
CVE-2017-14729 | 1 Gnu | 1 Binutils | 2024-09-17 | N/A |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | ||||
CVE-2017-12449 | 1 Gnu | 1 Binutils | 2024-09-17 | N/A |
The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. | ||||
CVE-2017-12448 | 1 Gnu | 1 Binutils | 2024-09-17 | N/A |
The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c. | ||||
CVE-2017-14940 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. | ||||
CVE-2017-12450 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. | ||||
CVE-2017-12452 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | ||||
CVE-2017-12453 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | ||||
CVE-2017-7226 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well. | ||||
CVE-2017-12457 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. | ||||
CVE-2017-14529 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. | ||||
CVE-2017-14745 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | ||||
CVE-2017-12451 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. | ||||
CVE-2017-14974 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | ||||
CVE-2017-13716 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). |