GNU Binutils Denial of Service Vulnerability (CNVD-2018-12117)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives.GNU libiberty is one of the GNU program...

GNU Binutils Buffer Overflow Vulnerability (CNVD-2018-12047)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...

CVE-2018-12700

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

Heap overflow

finishstab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump...

Null pointer dereference

A NULL pointer dereference aka SEGV on unknown address 0x000000000000 was discovered in workstuffcopytofrom in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump...

Design/Logic Flaw

demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

CVE-2018-12699

finishstab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump...

CVE-2018-12698

demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

CVE-2018-12697

A NULL pointer dereference aka SEGV on unknown address 0x000000000000 was discovered in workstuffcopytofrom in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump...

CVE-2018-12698

CVE-2018-12698 affects GNU Binutils’ libiberty, specifically the demangle_template function in cplus-dem.c (Binutils 2.30). It allows attackers to trigger excessive memory consumption (OOM) during objdump execution due to a memory-management issue in demangle_template. Multiple connected advisori...

CVE-2018-12699

CVE-2018-12699 (finish_stab in stabs.c, GNU Binutils) allows heap-based buffer overflow during objdump execution, leading to denial of service and possibly other impact. Connected records extend the issue to stab_xcoff_builtin_type in stabs.c (Binutils through 2.37), noted as related and arising ...

CVE-2018-12698

demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

CVE-2018-12700

Removed by vendor...

Stack overflow

An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype, dotype, doarg,...

CVE-2018-12641

An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype, dotype, doarg,...

CVE-2018-12641

CVE-2018-12641 affects GNU Binutils 2.30, causing stack exhaustion in the libiberty C++ demangling code (arm_pt in cplus-dem.c) during nm-new due to recursive stack frames (demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, demangle_nested_args). Th...

Security Bulletin: Multiple vulnerabilities in Gnu binutils affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in Gnu binutils. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2014-8737 DESCRIPTION: GNU Binutils could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL...

CVE-2018-10534

The bfdXXbfdcopyprivatebfddatacommon function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of externalIMAGEDEBUGDIRECTORY edd so that the address...

GNU Binutils Binary File Descriptor Library Denial of Service Vulnerability (CNVD-2018-09227)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

GNU Binutils Binary File Descriptor Library Denial of Service Vulnerability (CNVD-2018-09562)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...