CVE-2026-3442

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

AZL-56591 CVE-2025-1149 affecting package crash 9.0.0-1

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...

UBUNTU-CVE-2025-1147

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function sanitizer::internalstrlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched...

GNU Binutils 缓冲区错误漏洞

GNU Binutils is a set of binary tools developed by the GNU Project, mainly used to deal with target files e.g., executables, libraries, etc., covering compilation, linking, debugging, and other phases of the function. An out-of-bounds read vulnerability exists in GNU Binutils, which originates in...

SUSE CVE-2017-14729

The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have...

SUSE CVE-2017-15020

dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file, related to parsedie and...

SUSE CVE-2017-16829

The bfdelfparsegnuproperties function in elf-properties.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibl...

PT-2021-20876 · Gnu +2 · Gnu Binutils +2

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.36 Description: A flaw was discovered in GNU libiberty within demangle path in rust-demangle.c. A crafted symbol can cause stack memory to be exhausted, leading to a crash. Recommendations: For GNU Binutils version 2.36...

DEBIAN-CVE-2019-9077

An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in processmipsspecific in readelf.c via a malformed MIPS option section...

DEBIAN-CVE-2018-10534

The bfdXXbfdcopyprivatebfddatacommon function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of externalIMAGEDEBUGDIRECTORY edd so that the address...

DEBIAN-CVE-2017-14128

The decodelineinfo function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service read1byte heap-based buffer over-read and application crash via a crafted ELF file...

DEBIAN-CVE-2017-7225

The findnearestline function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash...

UBUNTU-CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...