45 matches found
Astra Linux – Vulnerability in binutils
A issue was discovered in the mergestrings function in the merge.c file within the Binary File Descriptor BFD library also known as libbfd, as part of the GNU Binutils 2.31. There is a NULL pointer dereferencing issue when attempting to merge sections with large alignments using bfdaddmergesectio...
CVE-2026-6845
A flaw was found in binutils, specifically within the readelf utility. This vulnerability allows a local attacker to cause a Denial of Service DoS by tricking a user into processing a specially crafted Executable and Linkable Format ELF file. The exploitation of this flaw can lead to the system...
Red Hat Enterprise Linux 代码问题漏洞
Red Hat Enterprise Linux is a Linux operating system for enterprise users developed by Red Hat, Inc. Red Hat Enterprise Linux 10 contains a code vulnerability that allows local attackers to cause denial-of-service attacks by tricking users into processing specially crafted ELF files. This...
LIEF 代码问题漏洞
LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A code issue vulnerability exists in LIEF 0.17.1 and earlier versions, which stems from a null pointer dereference in the file src/ELF/Parser.tcc in th...
CLSA-2025-1767090011 binutils: Fix of CVE-2025-11083
CVE-2025-11083: fix corrupt ELF section header handling...
Medium: cuda-sandbox-devel-12-9
Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...
DEBIAN-CVE-2024-53878
NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service...
[SECURITY] Fedora 38 Update: libgit2-1.6.5-1.fc38
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
[SECURITY] Fedora 39 Update: libgit2_1.6-1.6.5-1.fc39
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
[SECURITY] Fedora 39 Update: libgit2-1.7.2-1.fc39
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
libgit2: Privilege Escalation Vulnerability
Background libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API. Description A vulnerability has been discovered in libgit2. Please review the CVE identifier referenced below for details. Impact Usages of a malicious craft...
SUSE CVE-2017-13757
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to elfi386getsyntheticsymtab...
SUSE CVE-2018-7642
The swapstdrelocin function in aoutx.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service aout32swapstdrelocout NULL pointer dereference and application crash via a crafted ELF file, as demonstrated by...
[SECURITY] Fedora 36 Update: libgit2-1.3.2-1.fc36
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
LIEF 缓冲区错误漏洞
LIEF is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. LIEF has a security vulnerability that stems from a heap buffer overflow in the printbinary function in /c/machoreader.c. The vulnerability is caused b...
The vulnerability of the elf::section::as_strtab function in the library for reading ELF and DWARF v4 files in Libelfin allows a attacker to cause a service failure.
The vulnerability of the elf::section::asstrtab function in the library for reading ELF and DWARF v4 files is related to insufficient elimination of special elements in the request. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created ELF...
binutils: denial of service via crafted ELF file
findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...
UBUNTU-CVE-2019-17450
findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service infinite recursion and application crash via a crafted ELF file...
The vulnerability of the elflint.c library, a utility for modifying and analyzing binary ELF files, related to insufficient input validation, allows attackers to cause service interruptions.
The vulnerability of the elflint.c library tool for modifying and analyzing binary ELF files is related to insufficient checks on the number of partitions and segments. Exploiting this vulnerability allows a malicious actor to cause a service failure for a specially created ELF file...
UBUNTU-CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...