CVE-2017-6969

CVE-2017-6969 affects readelf in GNU Binutils 2.28, describing a heap-based buffer over-read when processing corrupt RL78 binaries. Impact per sources: crashes and potential information leakage. Connected advisories (e.g., RH unpatched BINUTILS entries) list CVE-2017-6969 among vulnerabilities wi...

CVE-2017-6965

readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow...

CVE-2017-6969

readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well...

CVE-2017-6966

readelf in GNU Binutils 2.28 has a use-after-free specifically read-after-free error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations...

CVE-2016-4487

Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service segmentation fault and crash via a crafted binary, related to "btypevec."...

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers...

GLSA-201612-24 : Binutils: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201612-24 Binutils: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a...

GNU binutils bfd/archive.c file do_slurp_bsd_armap function denial of service vulnerability

GNU binutils is a binary toolset for performing basic binary file operations. GNU binutils-2.23 and previous versions of doslurpbsdarmap in the bfd/archive.c file failed to adequately detect parsedsize, resulting in an integer overflow, bypassing exception-checking code, out-of-bounds accesses, a...

Debian DLA-552-1 : binutils security update

Some minor security issues have been identified and fixed in binutils in Debian LTS. These are : CVE-2016-2226 Exploitable buffer overflow. CVE-2016-4487 Invalid write due to a use-after-free to array btypevec. CVE-2016-4488 Invalid write due to a use-after-free to array ktypevec. CVE-2016-4489...

[SECURITY] [DLA 552-1] binutils security update

Package : binutils Version : 2.22-8+deb7u3 CVE ID : CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131 Some minor security issues have been identified and fixed in binutils in Debian LTS. These are: CVE-2016-2226 Exploitable buffer...

DLA-552-1 binutils - security update

Bulletin has no description...

Fedora 24 : binutils-2.26-18.fc24 / kernel-4.5.2-301.fc24 (2016-7f37d42add)

The 4.5.2 stable update contains a number of important fixes across the tree. This build should also boot on some of the i686 systems that would not boot before. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable ha...

Fedora Update for binutils FEDORA-2016-7

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 24 Update: binutils-2.26-18.fc24

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

openSUSE Security Update : openldap2 (openSUSE-2016-102) (Logjam)

This update fixes the following security issues : - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...

openSUSE: Security Advisory for openldap2 (openSUSE-SU-2016:0255-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for openldap2 (important)

This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...

openSUSE: Security Advisory for openldap2 (openSUSE-SU-2016:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : openldap2 (openSUSE-2016-92) (Logjam)

This update fixes the following security issues : - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...

Security update for openldap2 (important)

This update fixes the following security issues: - CVE-2015-6908: The bergetnext function allowed remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. bsc945582 - CVE-2015-4000: Fix weak...