295 matches found
GNU Binutils 缓冲区错误漏洞
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A heap buffer overflow vulnerability exists in bfdgetlsigned32 in libbfd.c in the Binary File Descriptor BFD library used in GNU Binutils 2.35.1. T...
GNU Binutils Code Problem Vulnerability
GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily used to work with target files in a variety of formats, and provide connectors, assemblers, and other tools for target files and archives. A...
Denial Of Service (DoS)
binutils is vulnerable to denial of service DoS. The vulnerability exists in setupgroup function which allows a malicious user to cause an application crash...
Arbitrary File Write
binutils is vulnerable to directory traversal. Local users are able to delete arbitrary files via a ../ in the file name or an absolute path name in a malicious archive to strip or perform an objcopy or create arbitrary files...
Denial Of Service (DoS)
binutils is vulnerable to denial of service DoS. The vulnerability exists through an out-of-bounds read in bfdgetl32 of libbfd.c, when called from the pex64getruntimefunction in pei-x8664.c...
Denial Of Service (DoS)
binutils is vulnerable to denial of serviceDoS. The elfparsenotes function in elf.c in the Binary File Descriptor BFD library aka libbfd allows remote attackers to cause a denial of service out-of-bounds read and segmentation violation via a note with a large alignment...
Denial Of Service (DoS)
binutils is vulnerable to denial of service. An attacker to cause excessive memory consumption in the rememberKtype in cplus-dem.c, potentially resulting in an application crash...
Arbitrary Code Execution
binutils is vulnerable to arbitrary code execution. A heap-based buffer overflow in bfdarchive64bitslurparmap in archive64.c allows an attacker to execute arbitrary code on the host OS...
GNU Binutils Denial of Service Vulnerability (CNVD-2019-34651)
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library used in GNU Binutils 2.32. A...
Arbitrary Code Execution
binutils is vulnerable to arbitrary code execution. An integer overflow in objdump, bfdgetdynamicrelocupperbound and bfdcanonicalizedynamicreloc allows a local attacker to execute arbitrary code...
Denial Of Service (DoS)
Binutils is vulnerable to denial of service DoS attacks. The vulnerability exists in the Binary File Descriptor BFD library. An attacker could cause an application crash via a crafted ELF file impacting availability of the application...
GNU Binutils Excessive Memory Allocation Attempt Vulnerability
GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. An excessive memory allocation attempt vulnerability exists in elfreadnotes in elf.c in the Binary File Descriptor BFD library known as libbfd used...
The vulnerability of the _bfd_add_merge_section function in the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the bfdaddmergesection function in the GNU Binutils development environment is related to the assignment of a null pointer when attempting to merge sections with large differences. Exploiting this vulnerability could allow an attacker to trigger a service failure...
The vulnerability in the cplus-dem.c file of the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability in the cplus-dem.c file of the GNU Binutils development environment is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the `ignore_section_sym` function in the GNU Binutils development environment allows a hacker to trigger a service failure.
The vulnerability of the ignoresectionsym function in the GNU Binutils development toolset is related to the lack of NULL check and the assignment of the outputsection pointer when writing a symtab with the type “SECTION”. Exploitation of this vulnerability could allow an attacker to cause servic...
The vulnerability of the elf_link_input_bfd function in the GNU Binutils development environment, related to the handling of zero pointer assignments, allows a hacker to trigger a service failure.
The vulnerability of the elflinkinputbfd function in the GNU Binutils development toolset is related to the use of a null pointer pointer when searching for STTTLS symbols, especially when TLS sections are not present. Exploiting this vulnerability can allow an attacker to cause a service failure...
Denial Of Service (DoS)
binutils is vulnerable to denial of service. A heap-based buffer over-read in the processcutuindex function in dwarf.c allows a remote attacker to crash the application via a malicious file...
CVE-2018-1000876
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be...
UBUNTU-CVE-2018-1000876
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be...
binutils: Integer overflow in the display_debug_ranges function resulting in crash
The displaydebugranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump...