295 matches found
SUSE CVE-2017-12451
The bfdxcoffreadarhdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file...
SUSE CVE-2017-13716
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted file, as demonstrated by a call from the Binary File Descriptor BFD library aka...
SUSE CVE-2017-15939
dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles NULL files in a .debugline file table, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file, related to...
SUSE CVE-2017-17122
The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...
SUSE CVE-2018-7643
The displaydebugranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump...
SUSE CVE-2018-8945
The bfdsectionfromshdr function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service segmentation fault via a large attribute section...
SUSE CVE-2018-10372
processcutuindex in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted binary file, as demonstrated by readelf...
SUSE CVE-2021-45078
stabxcoffbuiltintype in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...
SUSE CVE-2023-25588
A flaw was found in Binutils. The field thebfd of asymbolstruct is uninitialized in the bfdmachogetsyntheticsymtab function, which may lead to an application crash and local denial of service...
Fedora 36 : mingw-binutils (2022-19538a3732)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-19538a3732 advisory. Backport fixes for CVE-2021-3826 and CVE-2022-38533. Tenable has extracted the preceding description block directly from the Fedora security advisor...
USN-5762-1 binutils vulnerability
It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
The vulnerability of the read_section() function in the dwarf2.c component of the GNU Binutils development environment allows a hacker to induce a service failure.
The vulnerability of the readsection function in the dwarf2.c component of the GNU Binutils development environment is related to insufficient input data validation. Exploiting this vulnerability allows an attacker who operates remotely to trigger a service failure using a specially created file...
AZL-10714 CVE-2022-38533 affecting package binutils for versions less than 2.37-4
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...
USN-5349-1 binutils vulnerability
It was discovered that GNU binutils gold incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service...
UBUNTU-CVE-2021-45078
stabxcoffbuiltintype in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...
Privilege Escalation
binutils is vulnerable to privilege escalation. The vulnerability exists due to an open race window when writing output in ar, objcopy, strip and ranlib...
GNU Binutils 缓冲区错误漏洞
GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily used to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
The vulnerability of the `finish_stab` function in the `stabs.c` file of the Binutils development tools, related to the operation of pushing values out of the data buffer’s acceptable range, allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability in the finishstab function of the stabs.c file in the Binutils development tools set relates to the execution of operations within acceptable buffer data limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, an...
GNU Binutils 后置链接漏洞
GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. An...
GNU Binutils Uninitialized Memory Usage Vulnerability
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. An uninitialized memory usage vulnerability exists in tic4xprintcond in opcodes/tic4x-dis.c in GNU Binutils versions prior to 2.34. An attacker cou...