The vulnerability of the libbfd library in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the libbfd library function elfreadnotes elf.c in the GNU Binutils development environment is related to the distribution of resources without restrictions. Exploiting this vulnerability could allow an attacker to cause a service failure...

Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Platform Software clients.

Summary GNU Binutils is used by IBM Netezza Platform Software. IBM Netezza Platform Software has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-9070 DESCRIPTION: GNU Binutils is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the dexpression1...

Denial Of Service (DoS)

binutils is vulnerable to denial of service DoS. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in bfddwarf2findnearestline in dwarf2.c, as demonstrated by nm...

Buffer Overflow

binutils:bionic is vulnerable to buffer overflow. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfdelf32swapphdrin in elfcode.h because the number of program headers is not...

Denial Of Service (DoS)

binutils:bionic is vulnerable to denial of service DoS. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils. There is a heap-based buffer over-read in bfddoprnt in bfd.c because elfobjectp in elfcode.h mishandles an eshstrndx section of typ...

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c as demonstrated by nm.

...

An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.

...

Binutils: Multiple vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in Binutils. Please review the CVE identifiers...

Security Bulletin: Multiple vulnerabilities in GNU Binutils affect IBM Netezza Platform Software clients.

Summary GNU Binutils is used by IBM Netezza Platform Software. IBM Netezza Platform Software has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2019-17450 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by an infinite recursion in findabstractinstance in...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1743)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.0 : binutils (EulerOS-SA-2020-1743)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The bfdgenericreadminisymbols function in syms.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU...

USN-4336-1: GNU binutils vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU...

Ubuntu 18.04 LTS : GNU binutils vulnerabilities (USN-4336-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4336-1 advisory. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a...

USN-4336-1: GNU binutils vulnerabilities

It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2018-12698

demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

CVE-2018-19932

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the ISCONTAINEDBYLMA macro in elf.c...

CVE-2018-20623

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the processarchive function in readelf.c via a crafted ELF file...

CVE-2018-17985

An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...

CVE-2018-18483

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...

CVE-2018-20673

The demangletemplate function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability for "Create an array for saving the template argument values" that can trigger a heap-based buffer overflow, as demonstrated by nm...