7 matches found
CVE-2025-69646
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debugrnglists data. A logic error in the handling of the debugrnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an...
CVE-2025-69645
Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offsetsize value being used inside bytegetlittleendian, leading to an abort SIGABR...
GNU Binutils(GNU Binary Utilities) 安全漏洞
GNU Binutils is a binary toolset developed by the GNU Project for working with target files and executables. A security vulnerability exists in GNU Binutils version 2.44, which stems from a bfdelfgetstrsection function handling exception in the bfd/elf.c component of the BFD library file. An...
AZL-61982 CVE-2025-5244 affecting package binutils for versions less than 2.37-15
A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elfgcsweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed...
DEBIAN-CVE-2025-1179
A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfdputl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather hig...
AZL-56103 CVE-2025-0840 affecting package binutils for versions less than 2.37-11
A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
jenkins: Stored XSS vulnerability in upstream cause
A flaw was found in Jenkins versions 2.244 and prior and in LTS 2.235.1 and prior. The upstream job's display name is not escaped on build time trend pages which could lead to a stored cross-site scripting XSS vulnerability. The user must have the Agent/Configure permission for this exploit to...