Filtered by vendor Gnu
Subscriptions
Total
1068 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-8392 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | ||||
CVE-2017-8394 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. | ||||
CVE-2017-8395 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. | ||||
CVE-2017-7869 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-08-05 | N/A |
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | ||||
CVE-2017-7853 | 1 Gnu | 1 Osip | 2024-08-05 | N/A |
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS. | ||||
CVE-2017-7614 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. | ||||
CVE-2017-7507 | 2 Gnu, Redhat | 2 Gnutls, Enterprise Linux | 2024-08-05 | N/A |
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application. | ||||
CVE-2017-7303 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash. | ||||
CVE-2017-7301 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash. | ||||
CVE-2017-7299 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. | ||||
CVE-2017-7304 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash. | ||||
CVE-2017-7300 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. | ||||
CVE-2017-7302 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. | ||||
CVE-2017-7209 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. | ||||
CVE-2017-7223 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. | ||||
CVE-2017-7210 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash. | ||||
CVE-2017-7225 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. | ||||
CVE-2017-7224 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. | ||||
CVE-2017-7227 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l. | ||||
CVE-2017-6966 | 1 Gnu | 1 Binutils | 2024-08-05 | N/A |
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. |