290 matches found
DEBIAN-CVE-2017-8395
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc return-value check to see if memory had actually been allocated in the bfdgenericgetsectioncontents function. This vulnerability causes...
CVE-2017-8393
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...
UBUNTU-CVE-2017-8395
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc return-value check to see if memory had actually been allocated in the bfdgenericgetsectioncontents function. This vulnerability causes...
CVE-2017-8396
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that condu...
CVE-2017-8397
CVE-2017-8397 affects the Binary File Descriptor (BFD) library (libbfd) as distributed in GNU Binutils 2.28. It enables an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocations with negative addresses, causing analysis tools such as obj...
CVE-2017-8395
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc return-value check to see if memory had actually been allocated in the bfdgenericgetsectioncontents function. This vulnerability causes...
CVE-2017-8394
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of bfdelflargecomsection. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library,...
CVE-2017-8393
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...
CVE-2017-8396
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that condu...
CVE-2017-8393
CVE-2017-8393 affects GNU Binutils’ Binary File Descriptor library (libbfd) as distributed in Binutils 2.28. The flaw stems from an assumption in code paths used by objcopy and strip that SHT_REL/SHR_RELA sections always begin with .rel/.rela, causing a global buffer over-read and a crash in tool...
CVE-2017-8394
CVE-2017-8394 affects the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.28. It is caused by a NULL pointer dereference in _bfd_elf_large_com_section, leading to an invalid read of size 4 and crashes in analysis tools (e.g., objcopy). Exploitation details, affected products/versi...
CVE-2017-8392
CVE-2017-8392 refers to a vulnerability in the Binary File Descriptor (BFD) library (libbfd) as distributed with GNU Binutils 2.28. The issue is an invalid read of size 8 caused by a missing check for NULL symbols in the _bfd_dwarf2_find_nearest_line function, which can cause programs analyzing b...
CVE-2017-8396
CVE-2017-8396 affects the Binary File Descriptor (BFD) library (libbfd) in GNU Binutils 2.28. It allows an invalid read of size 1 due to reloc offset range tests not catching small negative offsets, causing crash in binary-analysis tools such as objdump. The vulnerability is tied to libbfd’s hand...
DEBIAN-CVE-2017-7614
elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via ...
CVE-2017-7614
elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via ...
Buffer overflow
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker ld program crash...
CVE-2017-7300
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read off-by-one because of an incomplete check for invalid string offsets while loading symbols, leading to a GN...
CVE-2017-7301
CVE-2017-7301 is a concrete vulnerability in GNU Binutils (libbfd). The aout_link_add_symbols function in bfd/aoutx.h has an off-by-one error in checking string offsets, which can cause the GNU linker (ld) to crash. Connected Nessus/Red Hat entries reference unpatched Binutils in various RHEL rel...
CVE-2017-7301
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an aoutlinkaddsymbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker ld program crash...
CVE-2017-7299
CVE-2017-7299 affects GNU Binutils 2.28’s Binary File Descriptor library (libbfd). The vulnerability arises when emitting relocations: bfd_elf_final_link in bfd/elflink.c reads the ELF reloc section header without validating the input file format, leading to an invalid read of size 8 and causing ...