Lucene search
K

67 matches found

NVD
NVD
added 2018/12/07 7:29 a.m.10 views

CVE-2018-19932

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...

5.5CVSS6.4AI score0.01977EPSS
Exploits1References8
Prion
Prion
added 2018/12/07 7:29 a.m.23 views

Integer overflow

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...

4.3CVSS6.3AI score0.01977EPSS
Exploits1References8Affected Software2
CVE
CVE
added 2018/12/07 7:0 a.m.190 views

CVE-2018-19932

CVE-2018-19932 affects GNU Binutils libbfd. The issue is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. Public docs describe it as a vulnerability in binutils through 2.31 with potential stability/denial effects; remediation quoted in connected sources is ...

5.5CVSS6.3AI score0.01977EPSS
Exploits1References8Affected Software1
AlpineLinux
AlpineLinux
added 2018/12/07 7:0 a.m.52 views

CVE-2018-19932

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...

5.5CVSS6.7AI score0.01977EPSS
Exploits1
NVD
NVD
added 2018/04/29 3:29 p.m.17 views

CVE-2018-10535

The ignoresectionsym function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, does not validate the outputsection pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial o...

5.5CVSS6AI score0.02236EPSS
Exploits0References6
OSV
OSV
added 2018/03/22 9:29 p.m.3 views

ALPINE-CVE-2018-8945

The bfdsectionfromshdr function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service segmentation fault via a large attribute section...

5.5CVSS6.7AI score0.02057EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2018/03/22 9:0 p.m.61 views

CVE-2018-8945

The bfdsectionfromshdr function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service segmentation fault via a large attribute section...

5.5CVSS6.3AI score0.02057EPSS
Exploits1
NVD
NVD
added 2018/02/28 9:29 p.m.19 views

CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

5.5CVSS6.1AI score0.01508EPSS
Exploits0References5
AlpineLinux
AlpineLinux
added 2018/02/28 9:0 p.m.65 views

CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

5.5CVSS6.3AI score0.01508EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2017/12/11 3:51 p.m.35 views

CVE-2017-17080

elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service bfdgetl32 heap-based buffer over-read and application crash via a crafted object file, related to...

5.5CVSS5.1AI score0.01289EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/11/30 9:29 p.m.37 views

CVE-2017-17080

elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service bfdgetl32 heap-based buffer over-read and application crash via a crafted object file, related to...

5.5CVSS7AI score0.01289EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/11/30 9:0 p.m.23 views

CVE-2017-17080

elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service bfdgetl32 heap-based buffer over-read and application crash via a crafted object file, related to...

6AI score0.01289EPSS
Exploits0References2
CVE
CVE
added 2017/11/30 9:0 p.m.77 views

CVE-2017-17080

CVE-2017-17080 affects the GNU Binutils libbfd/elf.c implementation. It does not validate core-note sizes in ELF files, allowing a crafted object file to trigger a heap-based read (bfd_getl32) and crash the application, i.e., a DoS. The description specifies Binutils 2.29.1 as the distributed ver...

5.5CVSS5.9AI score0.01289EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/11/30 9:0 p.m.50 views

CVE-2017-17080

elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service bfdgetl32 heap-based buffer over-read and application crash via a crafted object file, related to...

5.5CVSS6.7AI score0.01289EPSS
Exploits0
Prion
Prion
added 2017/11/01 5:29 p.m.23 views

Memory corruption

In radare 2.0.1, a memory corruption vulnerability exists in storeversioninfognuverdef and storeversioninfognuverneed in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper shsize validation when allocating memory...

6.8CVSS7.7AI score0.01033EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/11/01 5:29 p.m.33 views

CVE-2017-16357

In radare 2.0.1, a memory corruption vulnerability exists in storeversioninfognuverdef and storeversioninfognuverneed in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper shsize validation when allocating memory...

7.8CVSS7.1AI score0.01033EPSS
Exploits1References3
OSV
OSV
added 2017/11/01 5:29 p.m.21 views

CVE-2017-16359

In radare 2.0.1, a pointer wraparound vulnerability exists in storeversioninfognuverdef in libr/bin/format/elf/elf.c...

5.5CVSS6.8AI score0.01172EPSS
Exploits1References4
NVD
NVD
added 2017/11/01 5:29 p.m.21 views

CVE-2017-16357

In radare 2.0.1, a memory corruption vulnerability exists in storeversioninfognuverdef and storeversioninfognuverneed in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper shsize validation when allocating memory...

7.8CVSS7.8AI score0.01033EPSS
Exploits1References2
Cvelist
Cvelist
added 2017/11/01 5:0 p.m.24 views

CVE-2017-16359

In radare 2.0.1, a pointer wraparound vulnerability exists in storeversioninfognuverdef in libr/bin/format/elf/elf.c...

5.4AI score0.01172EPSS
Exploits1References4
Cvelist
Cvelist
added 2017/11/01 5:0 p.m.22 views

CVE-2017-16357

In radare 2.0.1, a memory corruption vulnerability exists in storeversioninfognuverdef and storeversioninfognuverneed in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper shsize validation when allocating memory...

7.7AI score0.01033EPSS
Exploits1References2
Rows per page
Query Builder