Memory corruption

Memory leak in decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...

Null pointer dereference

scanunitforsymbols in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file...

UBUNTU-CVE-2017-14930

Memory leak in decodelineinfo in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...

CVE-2017-14940

CVE-2017-14940 affects GNU Binutils libbfd: the scan_unit_for_symbols function in dwarf2.c can dereference a NULL pointer when processing a crafted ELF file, enabling a remote attacker to cause a denial of service (application crash). The vulnerability is tied to Binutils 2.29; exploitation detai...

CVE-2017-14933

CVE-2017-14933 affects the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.29. The vulnerability, in read_formatted_entries() within dwarf2.c, can cause a denial of service via an crafted ELF file by triggering an infinite loop. Affected component: BFD/dwarf2.c in Binutils 2.29. R...

CVE-2017-14934

CVE-2017-14934 affects the Binary File Descriptor (libbfd) component in GNU Binutils (2.29). A crafted ELF file containing a negative size value in a CU structure can trigger a denial of service via an infinite loop. The connected documents confirm the vulnerability pattern but do not provide a v...

CVE-2017-14729

CVE-2017-14729 affects the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.29. The vulnerability is triggered by non-unique PLT entries for a symbol in elf32-i386.c and elf64-x86-64.c, allowing remote attackers to cause a heap-based buffer overflow and application crash via a craf...

CVE-2017-14529

The peprintidata function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted PE file...

CVE-2017-14529

The peprintidata function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted PE file...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-25453)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

CVE-2017-14129

The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...

DEBIAN-CVE-2017-14129

The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...

Heap overflow

The decodelineinfo function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service read1byte heap-based buffer over-read and application crash via a crafted ELF file...

CVE-2017-14129

The readsection function in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service parsecompunit heap-based buffer over-read and application crash via a crafted ELF file...

CVE-2017-14129

CVE-2017-14129 : The read_section function in dwarf2.c of GNU Binutils’ libbfd (Binutils 2.29) is vulnerable to a heap-based buffer over-read in parse of crafted ELF files, enabling remote denial of service via crashing the application. The description explicitly ties the issue to Binutils 2.29 a...

CVE-2017-14130

CVE-2017-14130 affects the Binary File Descriptor library (libbfd) as distributed in GNU Binutils 2.29. The vulnerability arises in the _bfd_elf_parse_attributes function within elf-attrs.c, where a crafted ELF file can trigger a heap-based buffer over-read, enabling a remote attacker to cause an...

CVE-2017-12967

The getsym function in tekhex.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a malformed tekhex binary...

CVE-2017-12967

CVE-2017-12967 involves the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.29. The getsym function in tekhex.c may be triggered by a malformed tekhex binary, allowing a remote attacker to cause a denial of service via a stack-based buffer over-read and resulting in an application...

Design/Logic Flaw

The evaxbfdprintemh function in vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file...

Design/Logic Flaw

The nlmswapauxiliaryheadersin function in bfd/nlmcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file...