CVE-2017-7304

CVE-2017-7304 affects the GNU Binutils BFD library (libbfd) as distributed in Binutils 2.28. The vulnerability is an invalid read (size 8) caused by a missing check for an invalid sh_link in copy_special_section_fields before following it, which can crash Binutils utilities such as strip. The pro...

CVE-2017-7304

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check in the copyspecialsectionfields function for an invalid shlink field before attempting to follow it. This vulnerability causes Binutils...

CVE-2017-7300

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...

CVE-2017-7300

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...

CVE-2017-7303

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 because of missing a check in the findlink function for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash...

CVE-2017-7303

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 because of missing a check in the findlink function for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash...

CVE-2017-7303

CVE-2017-7303 : The Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.28 contains an invalid read of size 4 caused by a missing null-header check in find_link, which can cause Binutils utilities like strip to crash. The connected documents corroborate Binutils/BFD-related issues and...

CVE-2017-7210

objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads of size 1 and size 8 while handling corrupt STABS enum type strings in a crafted object file, leading to program crash...

CVE-2017-6966

A vulnerability was found in readelf; part of binutils. A crafted executable or shared library could cause use-after-free and out-of-bounds writes, leading to a crash or possible code execution...

CVE-2017-7227

GNU linker ld in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l...

CVE-2017-7226

The peILFobjectp function in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2lin...

CVE-2017-7225

The findnearestline function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash...

CVE-2017-7224

The findnearestline function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an empty function name, leading to a program crash...

GNU Binutils Buffer Overflow Vulnerability (CNVD-2017-04416)

GNU Binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers and other tools for target files and archives. A security vulnerability exists in the 'findnearestline' function of objdump in...

GNU Binutils 'pe_ILF_object_p' Function Buffer Overflow Vulnerability

GNU Binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers and other tools for target files and archives. A stack buffer overflow vulnerability exists in the 'peILFobjectp' function in...

GNU Binutils GNU linker (ld) Buffer Overflow Vulnerability

GNU Binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers and other tools for target files and archives. A heap buffer overflow vulnerability exists in GNU Binutils GNU linker ld. A...

GNU Binutils Buffer Overflow Vulnerability (CNVD-2017-03608)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A buffer overflow vulnerability exists...

GNU Binutils 'find_nearest_line' Function Denial of Service Vulnerability

GNU Binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers and other tools for target files and archives. A security vulnerability exists in the 'findnearestline' function of the...

Design/Logic Flaw

The findnearestline function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an empty function name, leading to a program crash...

CVE-2017-7224

The findnearestline function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an empty function name, leading to a program crash...