The vulnerability of the p_lx_elf.cpp component in the UPX executable file packaging mechanism, which involves reading data beyond the allowed buffer size, allows attackers to access confidential information and cause system failures.

The vulnerability of the plxelf.cpp component in the UPX executable file packaging tool is related to reading data beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service interruptions...

DEBIAN-CVE-2020-24821

A vulnerability in the dwarf::cursor::skipform function of Libelfin v0.3 allows attackers to cause a denial of service DOS through a segmentation fault via a crafted ELF file...

UBUNTU-CVE-2021-30500

Null pointer dereference was found in upx PackLinuxElf::canUnpack in plxelf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file...

binutils: denial of service via crafted ELF file

findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...

find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.

...

RetDec - A Retargetable Machine-Code Decompiler Based On LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code Supported architectures:...

The vulnerability of the graphical administration tool for domain management, fly-admin-gmc, in the FLY operating system of Astra Linux, related to improper access control, allows a perpetrator to trigger a service failure.

The vulnerability of the graphical administration tool for domain management, fly-admin-gmc, in the FLY environment of the Astra Linux operating system is related to an error that causes a significant delay in opening a folder with the ELF filter enabled. Exploiting this vulnerability allows a...

The vulnerability of the elflint.c library, a utility for modifying and analyzing binary ELF files, related to insufficient input validation, allows attackers to cause service interruptions.

The vulnerability of the elflint.c library tool for modifying and analyzing binary ELF files is related to insufficient checks on the number of partitions and segments. Exploiting this vulnerability allows a malicious actor to cause a service failure for a specially created ELF file...

elfutils heap buffer overread vulnerability

elfutils is a collection of utilities and libraries for reading, creating, and modifying ELF binaries, finding and manipulating DWARF debug data, symbols, thread states, and stack traces for processes and kernel files on GNU/Linux. A heap buffer over-read vulnerability exists in the elf32xlatetom...

DEBIAN-CVE-2019-7148

An attempted excessive memory allocation was discovered in the function readlongnames in elfbegin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers...

UBUNTU-CVE-2018-20002

The bfdgenericreadminisymbols function in syms.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service memory consumption, as demonstrated by nm...

The vulnerability of the do_core_note function in the console command “file” allows a perpetrator to trigger a service failure.

The vulnerability of the docorenote function in the console command file is related to an error that causes reading beyond the allocated memory buffer. Exploiting this vulnerability could allow a malicious actor to cause service failure by using a specially crafted ELF format file...

binutils: NULL pointer dereference in swap_std_reloc_in function in aoutx.h resulting in crash

The swapstdrelocin function in aoutx.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service aout32swapstdrelocout NULL pointer dereference and application crash via a crafted ELF file, as demonstrated by...

GNU Binutils Binary File Descriptor library null pointer dereference vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

kernel: Integer overflow in Linux's create_elf_tables function

An integer overflow flaw was found in the Linux kernel's createelftables function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system...

UBUNTU-CVE-2018-17358

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdstabsectionfindnearestline in syms.c. Attackers could leverage this vulnerability to cause a denial of service application crash via a crafted E...

DEBIAN-CVE-2018-10360

The docorenote function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted ELF file...

PT-2018-5002 · Unknown · Hopper Disassembler

Name of the Vulnerable Software and Affected Versions: Hopper Disassembler version 3.11.20 Description: An exploitable out of bounds write issue exists in the parsing of ELF Section Headers. A specially crafted ELF file can cause attacker-controlled pointer arithmetic, resulting in a partially...

Netwide Assembler Buffer Overflow Vulnerability

Netwide Assembler NASM is a Linux-based assembler that creates binaries and writes bootloaders. A stack buffer out-of-bounds read vulnerability exists in the 'disasm' function of the disasm/disasm.c file in NASM version 2.13. A remote attacker can exploit this vulnerability to cause a denial of...

DEBIAN-CVE-2018-7569

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service integer underflow or overflow, and application crash via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm...