CVE-2018-19932

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...

CVE-2018-19931

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfdelf32swapphdrin in elfcode.h because the number of program headers is not restricted...

GNU Binutils Binary File Descriptor library Integer Overflow Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

GNU Binutils Binary File Descriptor library Heap Buffer Overflow Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

GNU Binutils Stack Depletion Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for working with target files and archives. libiberty is one of the librarie...

GNU Binutils Stack Consumption Vulnerability (CNVD-2018-22381)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for working with target files and archives. libiberty is one of the librarie...

binutils: NULL pointer dereference in elf.c

The ignoresectionsym function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, does not validate the outputsection pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial o...

CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...

DEBIAN-CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

Design/Logic Flaw

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

CVE-2018-18700

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remote attackers could leverage this vulnerability to...

CVE-2018-18701

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions nextistypequal and cplusdemangletype in cp-demangle.c. Remote attackers could leverage this vulnerability t...

GNU Binutils Binary File Descriptor library heap buffer out-of-bounds read vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function secmergehashlookup in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, because bfdaddmergesection mishandles section merges when size is not a multiple of entsize. A specially...

CVE-2018-18605

A heap-based buffer over-read issue was discovered in the function secmergehashlookup in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, because bfdaddmergesection mishandles section merges when size is not a multiple of entsize. A specially...

Null pointer dereference

An issue was discovered in the mergestrings function in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in bfdaddmergesection when attempting to merge sections with large alignments. A specially crafted ELF...

CVE-2018-18607

An issue was discovered in elflinkinputbfd in elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elflinkinputbfd when used for finding STTTLS symbols without any TLS section. A specially crafted ELF allows...

CVE-2018-18606

An issue was discovered in the mergestrings function in merge.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in bfdaddmergesection when attempting to merge sections with large alignments. A specially crafted ELF...