Lucene search
K

5929 matches found

OSV
OSV
added 2018/10/23 5:29 p.m.3 views

DEBIAN-CVE-2018-18606

An issue was discovered in the mergestrings function in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in bfdaddmergesection when attempting to merge sections with large alignments. A specially crafted ELF...

5.5CVSS7.4AI score0.02239EPSS
Exploits1References1
OSV
OSV
added 2018/10/23 5:29 p.m.2 views

UBUNTU-CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function secmergehashlookup in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, because bfdaddmergesection mishandles section merges when size is not a multiple of entsize. A specially...

5.5CVSS6.9AI score0.02331EPSS
Exploits1References4
OSV
OSV
added 2018/10/23 5:29 p.m.2 views

DEBIAN-CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function secmergehashlookup in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, because bfdaddmergesection mishandles section merges when size is not a multiple of entsize. A specially...

5.5CVSS6.5AI score0.02331EPSS
Exploits1References1
CVE
CVE
added 2018/10/23 5:0 p.m.168 views

CVE-2018-18607

CVE-2018-18607 is a NULL pointer dereference in elf_link_input_bfd (elfin GNU Binutils libbfd) when locating STT_TLS symbols without a TLS section. A crafted ELF can cause denial of service (DoS); impact is consistent with DoS in affected Binutils 2.31, including remote triggering via ld in demon...

5.5CVSS6AI score0.02239EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2018/10/23 5:0 p.m.23 views

CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function secmergehashlookup in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, because bfdaddmergesection mishandles section merges when size is not a multiple of entsize. A specially...

6.3AI score0.02331EPSS
Exploits1References7
Cvelist
Cvelist
added 2018/10/23 5:0 p.m.23 views

CVE-2018-18606

An issue was discovered in the mergestrings function in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in bfdaddmergesection when attempting to merge sections with large alignments. A specially crafted ELF...

6.1AI score0.02239EPSS
Exploits1References7
CVE
CVE
added 2018/10/23 5:0 p.m.158 views

CVE-2018-18606

CVE-2018-18606 affects GNU Binutils (libbfd). The issue is a NULL pointer dereference in _bfd_add_merge_section during merging of sections with large alignments, enabling DoS via crafted ELF. Multiple vendors document this under Binutils remediation; confirmed fixes involve upgrading Binutils to ...

5.5CVSS6AI score0.02239EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2018/10/23 5:0 p.m.172 views

CVE-2018-18605

CVE-2018-18605 affects GNU Binutils libbfd (BFD) where a heap-based buffer over-read occurs in sec_merge_hash_lookup during section merges when entsize does not divide the size. This can allow remote DoS via specially crafted ELF (as demonstrated by ld). Affected products reference Binutils 2.31;...

5.5CVSS6.1AI score0.02331EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2018/10/23 5:0 p.m.25 views

CVE-2018-18607

An issue was discovered in elflinkinputbfd in elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elflinkinputbfd when used for finding STTTLS symbols without any TLS section. A specially crafted ELF allows...

5.5CVSS6.3AI score0.02239EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/23 3:22 p.m.151 views

Security update for binutils (moderate)

This update for binutils to version 2.31 fixes the following issues: These security issues were fixed: - CVE-2017-15996: readelf allowed remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggered a buff...

6.8CVSS3.8AI score0.05944EPSS
Exploits18References27
CNVD
CNVD
added 2018/10/19 12:0 a.m.2 views

GNU libiberty Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for working with target files and archives. libiberty is one of the librarie...

7.8CVSS7AI score0.02373EPSS
Exploits1References1
CNVD
CNVD
added 2018/10/19 12:0 a.m.2 views

GNU Binutils 'elf_link_input_bfd' Function Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

5.5CVSS6.3AI score0.01893EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2018/10/19 12:0 a.m.38 views

openSUSE Security Update : binutils (openSUSE-2018-1198)

This update for binutils to 2.31 fixes the following issues : These security issues were fixed : - CVE-2017-15996: readelf allowed remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggered a buffer...

9.8CVSS7.1AI score0.08544EPSS
Exploits26References106
OpenVAS
OpenVAS
added 2018/10/19 12:0 a.m.41 views

openSUSE: Security Advisory for binutils (openSUSE-SU-2018:3223-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.1AI score0.08544EPSS
Exploits26References2
OSV
OSV
added 2018/10/18 9:29 p.m.24 views

CVE-2018-18483

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...

7.8CVSS7.9AI score
Exploits0References7
NVD
NVD
added 2018/10/18 9:29 p.m.13 views

CVE-2018-18483

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...

7.8CVSS6.7AI score0.02373EPSS
Exploits1References7
OSV
OSV
added 2018/10/18 9:29 p.m.1 views

DEBIAN-CVE-2018-18483

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...

7.8CVSS7.2AI score0.02373EPSS
Exploits1References1
OSV
OSV
added 2018/10/18 9:29 p.m.1 views

DEBIAN-CVE-2018-18484

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplusdemangletype, dbarefunctiontype,...

5.5CVSS6.8AI score0.01893EPSS
Exploits1References1
OSV
OSV
added 2018/10/18 9:29 p.m.25 views

CVE-2018-18484

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplusdemangletype, dbarefunctiontype,...

5.5CVSS7.1AI score
Exploits0References6
OSV
OSV
added 2018/10/18 9:29 p.m.3 views

UBUNTU-CVE-2018-18484

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplusdemangletype, dbarefunctiontype,...

5.5CVSS6.8AI score0.01893EPSS
Exploits1References5
Rows per page
Query Builder