294 matches found
GNU Binutils 'opcodes/i386-dis.c' File Denial of Service Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...
DEBIAN-CVE-2017-9744
The shelfsetmachfromflags function in bfd/elf32-sh.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary...
DEBIAN-CVE-2017-9755
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of...
Unspecified Vulnerability in GNU Binutils
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in GNU...
UBUNTU-CVE-2017-8398
dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash...
GNU Binutils Binary File Descriptor Remote Denial of Service Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...
DEBIAN-CVE-2017-7299
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an invalid read of size 8 because the code to emit relocs bfdelffinallink function in bfd/elflink.c does not check the format of the input file before trying to read the ELF reloc section header. The...
CVE-2017-7226
The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...
CVE-2017-6969
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well...
binutils: out-of-bounds write when parsing specially crafted PE executable
A stack-based buffer overflow flaw was found in the way various binutils utilities processed certain files. If a user were tricked into processing a specially crafted file, it could cause the utility used to process that file to crash or, potentially, execute arbitrary code with the privileges of...
DEBIAN-CVE-2014-8503
Stack-based buffer overflow in the ihexscan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted ihex file...
DEBIAN-CVE-2014-8502
Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
UBUNTU-CVE-2014-8504
Stack-based buffer overflow in the srecscan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a crafted file...