CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

The vulnerability of the displaydebugnames() function in the GNU Binutils development environment allows a attacker to cause a service failure.

The vulnerability of the displaydebugnames function in the GNU Binutils development environment is related to the insufficient use of the assert function. Exploiting this vulnerability could allow an attacker to cause a system failure...

AZL-56591 CVE-2025-1149 affecting package crash 9.0.0-1

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

UBUNTU-CVE-2025-1147

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function sanitizer::internalstrlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched...

The vulnerability of the d_expression_1 function in the cp-demangle.c component of the GNU Binutils development environment, which involves reading data beyond the allowable buffer limits, allows a attacker to cause a service failure.

The vulnerability of the dexpression1 function in the cp-demangle.c component of the GNU Binutils development environment is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the gold/fileread.cc component of the GNU Binutils development environment, which involves reading data beyond the allowed buffer limits, allows a hacker to cause a service failure.

The vulnerability of the gold/fileread.cc component in the GNU Binutils development environment relates to reading data from buffer files beyond their acceptable limits. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

The vulnerability of the `bfd_mach_o_read_symtab_strtab` function in the `bfd/mach-o.c` component of the GNU Binutils development environment allows a attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the bfdmachoreadsymtabstrtab function in the bfd/mach-o.c component of the GNU Binutils development environment is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause...

The vulnerability of the process_cu_tu_index function in the dwarf.c component of the GNU Binutils development environment allows a hacker to induce a service failure.

The vulnerability of the processcutuindex function in the dwarf.c component of the GNU Binutils development environment is related to reading data from buffer beyond its allowable limits. Exploiting this vulnerability allows an attacker to trigger a service failure using a specially created binar...

The vulnerability in the `bfd_mach_o_i386_canonicalize_one_reloc` function of the `bfd/mach-o-i386.c` component of the GNU Binutils development environment allows a attacker to access confidential data, compromise its integrity, and cause service failure.

The vulnerability of the bfdmachoi386canonicalizeonereloc function in the bfd/mach-o-i386.c component of the GNU Binutils development environment is related to reading data beyond the allowed buffer limits. Exploiting this vulnerability allows an attacker to gain access to confidential data,...

The vulnerability of the process_version_sections function in the readelf.c component of the GNU Binutils development environment allows a attacker to trigger a service failure or exert other effects.

The vulnerability of the processversionsections function in the readelf.c component of the GNU Binutils development environment is related to integer overflow. Exploiting this vulnerability allows an attacker to cause service failures or other effects through a specially created binary file...

The vulnerability of the pr_function_type function in the GNU Binutils development environment, which allows a hacker to trigger a service failure.

The vulnerability of the prfunctiontype function in the GNU Binutils development environment is related to memory release errors. Exploiting this vulnerability could allow an attacker to cause a system failure...

GNU Binutils 缓冲区错误漏洞

GNU Binutils is a set of binary tools developed by the GNU Project, mainly used to deal with target files e.g., executables, libraries, etc., covering compilation, linking, debugging, and other phases of the function. An out-of-bounds read vulnerability exists in GNU Binutils, which originates in...

SUSE CVE-2017-14729

The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have...

SUSE CVE-2017-15020

dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file, related to parsedie and...

SUSE CVE-2017-16829

The bfdelfparsegnuproperties function in elf-properties.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibl...

PT-2021-20876 · Gnu +2 · Gnu Binutils +2

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.36 Description: A flaw was discovered in GNU libiberty within demangle path in rust-demangle.c. A crafted symbol can cause stack memory to be exhausted, leading to a crash. Recommendations: For GNU Binutils version 2.36...

DEBIAN-CVE-2019-9077

An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in processmipsspecific in readelf.c via a malformed MIPS option section...

The vulnerability of the coff_pointerize_aux function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the coffpointerizeaux function in the GNU Binutils development environment is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

DEBIAN-CVE-2018-10534

The bfdXXbfdcopyprivatebfddatacommon function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of externalIMAGEDEBUGDIRECTORY edd so that the address...

DEBIAN-CVE-2017-14128

The decodelineinfo function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service read1byte heap-based buffer over-read and application crash via a crafted ELF file...