GNU Binutils Denial of Service Vulnerability (CNVD-2017-36675)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because nm.c and objdump.c in GNU Binutils fail to proper...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-36674)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the bfdcoffreadstringtable function in coffgen.c ...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-17126

The loaddebugsection function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via an ELF file that lacks section headers...

CVE-2017-17121

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service memory access violation or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the...

CVE-2017-17121

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service memory access violation or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the...

Integer overflow

The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

Heap overflow

The bfdcoffreadstringtable function in coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service excessive memory consumption, ...

CVE-2017-17126

The loaddebugsection function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via an ELF file that lacks section headers...

CVE-2017-17122

The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...

CVE-2017-17126

CVE-2017-17126 affects GNU Binutils 2.29.1. The load_debug_section function in readelf.c may be triggered by an ELF file that lacks section headers, allowing remote attackers to cause a denial of service via invalid memory access and application crash (potentially other impact, as noted in the de...

CVE-2017-17122

CVE-2017-17122 affects GNU Binutils 2.29.1 (dump_relocs_in_section in objdump.c). The vulnerability arises from not checking reloc count, enabling an integer overflow that can lead to excessive memory allocation or a heap-based buffer overflow when processing crafted PE files, potentially causing...

CVE-2017-17121

CVE-2017-17121 affects the Binary File Descriptor (BFD) library in GNU Binutils 2.29.1. A COFF relocation that refers to a location beyond the end of the to-be-relocated section can trigger a memory access violation leading to a denial of service (memory corruption). Public details are drawn from...

CVE-2017-17124

The CVE-2017-17124 entry concerns GNU Binutils' Binary File Descriptor (libbfd) in Binutils 2.29.1. The _bfd_coff_read_string_table function in coffgen.c does not properly validate the size of the external string table, enabling a crafted COFF binary to cause denial of service through excessive m...

CVE-2017-17126

The loaddebugsection function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via an ELF file that lacks section headers...

CVE-2017-17123

CVE-2017-17123 affects GNU Binutils’ Binary File Descriptor library (libbfd) in Binutils 2.29.1. The coff_slurp_reloc_table function in coffcode.h can cause a NULL pointer dereference, enabling a remote attacker to crash the application via a crafted COFF file. The initial description specifies t...

CVE-2017-17123

The coffslurpreloctable function in coffcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted COFF based file...

CVE-2017-17121

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service memory access violation or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the...