12 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-20284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in bfdelfslurpsecondaryrelocsection in elf.c due to the number of symbols n...
RHEL 8 : gcc-toolset-10-binutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - binutils: Heap-based buffer overflow in bfdelfslurpsecondaryrelocsection in elf.c CVE-2021-20284 Note that Nessus h...
RockyLinux 8 : binutils (RLSA-2021:4364)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows...
Security Bulletin: Multiple vulnerabilities in GNU binutils affect IBM Netezza Analytics for NPS
Summary GNU binutils is used by IBM Netezza Analytics for NPS. IBM Netezza Analytics for NPS has addressed the applicable CVEs by upgrading GNU binutils to version 2.36. Vulnerability Details CVEID: CVE-2021-20284 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by a...
AlmaLinux 8 : binutils (ALSA-2021:4364)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4364 advisory. binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection CVE-2021-3487 binutils: Race window allows use...
openSUSE 15 Security Update : binutils (openSUSE-SU-2021:1475-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1475-1 advisory. Update to binutils 2.37: The GNU Binutils sources now requires a C99 compiler and library to build. Support for Realm Management Extension RME fo...
ALSA-2021:4364 Moderate: binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: Excessive debug...
Moderate: binutils security update
The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: Excessive debug...
SUSE SLED15: binutils / binutils-devel / binutils-devel-32bit / binutils-gold / etc (SUSE-SU-2021:3616-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3616-1 advisory. Update to binutils 2.37: The GNU Binutils sources now requires a C99 compiler and library to build. Support for Realm...
Security Bulletin: Multiple vulnerabilities in GNU binutils affect IBM Netezza Analytics
Summary GNU binutils is used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs by upgrading GNU binutils to latest version 2.36.1 Vulnerability Details CVEID: CVE-2021-20284 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by a heap-based buff...
CVE-2021-20284
CVE-2021-20284 affects GNU Binutils (version 2.35.1) with a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section (elf.c) caused by incorrect calculation of the number of symbols. The vulnerability is described as having a highest impact on availability. The provided materials iden...
CVE-2021-20284
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in bfdelfslurpsecondaryrelocsection in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...