CLSA-2026-1779093100 binutils: Fix of 6 CVEs

CVE-2022-38533: fix heap buffer overflow in bfdgetl32 from stripmain with crafted COFF file - CVE-2022-47007: fix memory leak in stabdemanglev3arg in stabs.c - CVE-2022-47008: fix memory leak in maketempdir and maketempname in bucomm.c - CVE-2022-47010: fix memory leak in prfunctiontype in...

CLSA-2026-1777949670 binutils: Fix of 8 CVEs

CVE-2025-11412: fix out-of-bounds read in bfdelfgcrecordvtentry - CVE-2025-11413: fix out-of-bounds read in elflinkaddobjectsymbols - CVE-2025-11839: fix abort in tgtagtype with fuzzed input - CVE-2025-11840: fix SEGV from NULL howto name in coff reloc processing - CVE-2025-3198: fix memory leak...

CLSA-2025-1765289777 Fix CVE(s): CVE-2025-11839, CVE-2025-11840

SECURITY UPDATE: remove abort call in debug format printing code - debian/patches/CVE-2025-11839.patch: remove call to abort in the debug format printing code, allowing display of fuzzed input files to complete without triggering an abort - CVE-2025-11839 SECURITY UPDATE: fix SEGV in vfinfo -...

DEBIAN-CVE-2024-26678

In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...

GNU gdb Reuse After Release Vulnerability

GNU gdb is a program debugging tool developed by the GNU open source organization that supports C, C++, Go, Fortran and many other programming languages. GNU gdb suffers from a post-release reuse vulnerability that originates from a confusion in the instruction responsible for freeing memory in t...

AZL-34639 CVE-2023-39129 affecting package crash for versions less than 8.0.4-3

GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function addpeexportedsym at /gdb/coff-pe-read.c...

GNU gdb 资源管理错误漏洞

GNU gdb is a program debugging tool developed by the GNU open source organization that supports C, C++, Go, Fortran and many other programming languages. GNU gdb suffers from a post-release reuse vulnerability that originates from a confusion in the instruction responsible for freeing memory in t...

binutils: Improper bounds check in coffgen.c:coff_pointerize_aux() allows for denial of service when parsing a crafted COFF file

In the coffpointerizeaux function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafte...

UBUNTU-CVE-2018-7208

In the coffpointerizeaux function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafte...

DEBIAN-CVE-2018-7208

In the coffpointerizeaux function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafte...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-36674)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the bfdcoffreadstringtable function in coffgen.c ...