36 matches found
CVE-2017-9748
The ieeeobjectp function in bfd/ieee.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as...
CVE-2017-9751
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...
UBUNTU-CVE-2017-9755
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of...
CVE-2017-9756
The aarch64extldstreglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...
CVE-2017-9755
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of...
CVE-2017-9742
The scoreopcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D"...
CVE-2017-9742
CVE-2017-9742: In GNU Binutils 2.28, the score_opcodes function in opcodes/score7-dis.c is vulnerable to crafted binary input, enabling remote attackers to cause a denial of service via a buffer overflow during objdump -D. The description specifies the impact as DOS with potential unspecified eff...
CVE-2017-9743
The printinsnscore32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdum...
CVE-2017-9743
The printinsnscore32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdum...
CVE-2017-9756
The aarch64extldstreglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...
CVE-2017-9750
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this fil...
CVE-2017-9746
The disassemblebytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during...
CVE-2017-9751
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...
CVE-2017-9752
bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling...
CVE-2017-9744
The shelfsetmachfromflags function in bfd/elf32-sh.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary...
GNU binutils - 'rx_decode_opcode' Buffer Overflow
Source: https://sourceware.org/bugzilla/showbug.cgi?id=21587 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...