CVE-2017-9038

GNU Binutils 2.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to the bytegetlittleendian function in elfcomm.c, the getunwindsectionword function in readelf.c, and ARM unwind information that contains inval...

CVE-2017-9040

GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service NULL pointer dereference and application crash, related to the processmipsspecific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt...

CVE-2017-9042

readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...

Code injection

readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...

Design/Logic Flaw

GNU Binutils 2.28 allows remote attackers to cause a denial of service memory consumption via a crafted ELF file with many program headers, related to the getprogramheaders function in readelf.c...

Code injection

readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-9043

readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-9044

The printsymbolforbuildattribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service invalid read and SEGV via a crafted ELF file...

UBUNTU-CVE-2017-9040

GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service NULL pointer dereference and application crash, related to the processmipsspecific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt...

CVE-2017-9040

GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service NULL pointer dereference and application crash, related to the processmipsspecific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt...

CVE-2017-9042

readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-9043

CVE-2017-9043 : GNU Binutils readelf (the readelf.c functionality in Binutils dated 2017-04-12) contains a “shift exponent too large for type unsigned long” issue that could allow a remote attacker to cause a denial of service (application crash) or potentially other impact via a crafted ELF file...

CVE-2017-9044

Technical details for CVE-2017-9044 are not provided in the connected documents. The initial description notes a denial of service via crafted ELF in Binutils, but no concrete affected versions or fixes are given here. Monitor for updates.

CVE-2017-9041

Technical details for CVE-2017-9041 are not publicly provided in the connected documents. The materials reference Binutils 2.28 and MIPS GOT handling but do not specify affected versions beyond 2.28, exploit vectors, or fixes. Monitor for updates.

CVE-2017-9038

CVE-2017-9038 affects GNU Binutils 2.28 and is a remote DoS via crafted ELF files, causing heap-based buffer over-read and crash. Root cause involves ARM unwind information with invalid word offsets and related code paths (byte_get_little_endian in elfcomm.c; get_unwind_section_word in readelf.c)...

CVE-2017-9039

GNU Binutils 2.28 is vulnerable to remote denial of service via a crafted ELF file containing many program headers. The issue arises in readelf.c within get_program_headers, as described in CVE-2017-9039. The connected Nessus entries confirm the same vulnerability details; no other fixes or mitig...

CVE-2017-9042

GNU Binutils readelf.c (CVE-2017-9042) had a “cannot be represented in type long” issue that could crash the process via a crafted ELF file. The Connected document CLSA-2025:1760112341 reports a fix for CVE-2017-9042 (binutils: Fix of CVE-2017-9042) in CloudLinux update info for CentOS6 ELs; reme...

CVE-2017-9038

GNU Binutils 2.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to the bytegetlittleendian function in elfcomm.c, the getunwindsectionword function in readelf.c, and ARM unwind information that contains inval...

CVE-2017-9041

GNU Binutils 2.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to MIPS GOT mishandling in the processmipsspecific function in readelf.c...

CVE-2017-9044

The printsymbolforbuildattribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service invalid read and SEGV via a crafted ELF file...