5928 matches found
CVE-2017-15024
CVE-2017-15024 is a vulnerability in the Binary File Descriptor (BFD) library (GNU Binutils) as distributed with Binutils 2.29, affecting the dwarf2.c implementation. The issue arises in the function find_abstract_instance_name in dwarf2.c, where processing a crafted ELF file can trigger an infin...
CVE-2017-15025
CVE-2017-15025 affects GNU Binutils (libbfd) as distributed with Binutils 2.29. The vulnerability is in decode_line_info within dwarf2.c and can be exploited via a crafted ELF file to trigger a divide-by-zero and crash the application, constituting a denial of service. The connected documents (in...
CVE-2017-15023
The CVE-2017-15023 issue affects GNU Binutils 2.29 (Binary File Descriptor libbfd). Specifically, read_formatted_entries in dwarf2.c mishandles the format count, allowing a crafted ELF file to trigger a denial of service via a NULL pointer dereference related to concat_filename. This vulnerabilit...
CVE-2017-15020
dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file, related to parsedie and...
CVE-2017-15022
dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not validate the DWATname data type, which allows remote attackers to cause a denial of service bfdhashhash NULL pointer dereference, or out-of-bounds access, and application crash via a craft...
CVE-2017-15020
CVE-2017-15020 affects dwarf1.c in the Binary File Descriptor (BFD) library (libbfd) as distributed in GNU Binutils 2.29. The root cause is pointer mismanagement in parse_die and parse_line_table, demonstrated by a parse_die heap-based buffer over-read via a crafted ELF file. Impact is a denial o...
CVE-2017-15023
readformattedentries in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file...
CVE-2017-15024
findabstractinstancename in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...
CVE-2017-15025
decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted ELF file...
Null pointer dereference
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
CVE-2017-14974
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
UBUNTU-CVE-2017-14974
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
DEBIAN-CVE-2017-14974
The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a...
CVE-2017-14974
CVE-2017-14974 affects the Binary File Descriptor (BFD) library in GNU Binutils 2.29. The _get_synthetic_symtab functions mishandle the failure of a canonicalization step, which can trigger a NULL pointer dereference when processing crafted ELF files. This results in a denial of service (applicat...
CVE-2017-14938
bfdelfslurpversiontables in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file...
CVE-2017-14940
scanunitforsymbols in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file...
CVE-2017-14938
bfdelfslurpversiontables in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file...
CVE-2017-14933
readformattedentries in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite loop via a crafted ELF file...
CVE-2017-14932
decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite loop via a crafted ELF file...
CVE-2017-14930
Memory leak in decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...