45 matches found
New Malware Targets Windows Subsystem for Linux to Evade Detection
A number of malicious samples have been created for the Windows Subsystem for Linux WSL with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...
Fedora 缓冲区错误漏洞
UPX is an open source executable file packaging program that supports a variety of file formats from different operating systems. A denial of service vulnerability exists in canPack in plxelf.cpp in UPX version 3.96. An attacker can exploit this vulnerability to cause the application to crash via...
openSUSE: Security Advisory for binutils (openSUSE-SU-2020:1804-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security update for binutils (moderate)
openSUSE Security Update: Security update for binutils Announcement ID: openSUSE-SU-2020:1804-1 Rating: moderate References: 1126826 1126829 1126831 1140126 1142649 1143609 1153768 1153770 1157755 1160254 1160590 1163333 1163744 Cross-References: CVE-2019-12972 CVE-2019-14250 CVE-2019-14444...
UBUNTU-CVE-2019-20805
plxelf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PTDYNAMIC segment...
binutils: Crash in elf.c:bfd_section_from_shdr() with crafted executable
The bfdsectionfromshdr function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service segmentation fault via a large attribute section...
CVE-2016-8390
An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file wi...
ALPINE-CVE-2018-7570
The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...
GNU Binutils 'bfd_get_debug_link_info_1' Function Denial of Service Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...
DEBIAN-CVE-2017-17125
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...
CVE-2017-16357
In radare 2.0.1, a memory corruption vulnerability exists in storeversioninfognuverdef and storeversioninfognuverneed in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper shsize validation when allocating memory...
CVE-2017-16359
In radare 2.0.1, a pointer wraparound vulnerability exists in storeversioninfognuverdef in libr/bin/format/elf/elf.c...
CVE-2017-16357
CVE-2017-16357 affects radare2 2.0.1, with a memory corruption in libr/bin/format/elf/elf.c through store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed(). The root cause is improper sh_size validation during memory allocation, demonstrated by an invalid free. The vulnerability may im...
UBUNTU-CVE-2017-15931
In radare2 2.0.1, an integer exception negative number leading to an invalid memory access exists in storeversioninfognuverneed in libr/bin/format/elf/elf.c via crafted ELF files on 32bit systems...
GNU Binutils 'bfd/elf32-sh.c' Remote Buffer Overflow Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...
GNU Binutils Denial of Service Vulnerability (CNVD-2017-07206)
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A denial of service vulnerability exis...
libdwarf 'ELF' File Remote Denial of Service Vulnerability
libdwarf is a set of tools for reading and writing DWARF2 debugging information. A vulnerability in libdwarf 'ELF' file handling allows remote attackers to commit a denial of service by submitting a special file...
GNU glibc library security vulnerabilities
Invalid mntent functions string processing, ELF format parsing memory corruption...
Ubuntu 4.10 : linux-source-2.6.8.1 vulnerabilities (USN-30-1)
CAN-2004-0883, CAN-2004-0949 : During an audit of the smb file system implementation within Linux, several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. To exploit any of these vulnerabilities, an attacker needs control over the answers...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages are now available to correct security issues and bugs for Red Hat Enterprise Linux version 2.1 Itanium. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating syste...