EUVD-2017-4029

Malware in sbrugna...

RHEL 7 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: heap-based buffer overflow in finishstab in stabs.c CVE-2018-12699 - The bfdvmssavesizedstring...

RHEL 5 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: heap-based buffer overflow in finishstab in stabs.c CVE-2018-12699 - The bfdvmssavesizedstring...

SUSE CVE-2017-14930

Memory leak in decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...

EulerOS 2.0 SP2 : binutils (EulerOS-SA-2019-2450)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++...

CVE-2017-15938

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, miscalculates DWFORMrefaddr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service findabstractinstancename invalid memory read, segmentation...

CVE-2017-15939

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles NULL files in a .debugline file table, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file, related to...

CVE-2017-15996

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...

CVE-2017-15996

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service excessive memory allocation or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper...

Null pointer dereference

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles NULL files in a .debugline file table, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file, related to...

CVE-2017-15938

CVE-2017-15938 affects the Binary File Descriptor (BFD) library (GNU Binutils 2.29). The flaw in dwarf2.c miscalculates DW_FORM_ref_addr die refs for relocatable objects, allowing a remote attacker to trigger a denial of service via an invalid memory read, leading to segmentation fault and applic...

CVE-2017-15225

Technical details about CVE-2017-15225 (affected product/version, exploitability, remediation) are not provided in the connected documents. Monitor for updates from the sources for any concrete technical specifics.

CVE-2017-15023

readformattedentries in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file...

CVE-2017-14938

bfdelfslurpversiontables in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file...

CVE-2017-14939

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to...

CVE-2017-14745

The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service integer overflow and application crash or possib...

CVE-2017-14729

The getsyntheticsymtab functions in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have...

CVE-2017-15025

decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted ELF file...

CVE-2017-15021

bfdgetdebuglinkinfo1 in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to bfdgetl32...

CVE-2017-15020

dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file, related to parsedie and...