Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2017-1339)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

Heap overflow

The bfdcoffreadstringtable function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service excessive memory consumption, ...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-17126

The loaddebugsection function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via an ELF file that lacks section headers...

CVE-2017-17123

CVE-2017-17123 affects GNU Binutils’ Binary File Descriptor library (libbfd) in Binutils 2.29.1. The coff_slurp_reloc_table function in coffcode.h can cause a NULL pointer dereference, enabling a remote attacker to crash the application via a crafted COFF file. The initial description specifies t...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-17080

elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service bfdgetl32 heap-based buffer over-read and application crash via a crafted object file, related to...

Out-of-bounds

The bfdelfparsegnuproperties function in elf-properties.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service out-of-bounds read and application crash or possibl...

CVE-2017-16830

The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...

CVE-2017-16826

The coffslurplinetable function in coffcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted PE fi...

CVE-2017-16832

The pebfdreadbuildid function in peicode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service segmentation violation and applicatio...