Improper Validation of Specified Index, Position, or Offset in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Index, Position, or Offset in Input through the processing of crafted DWARF debug information in objdump. An attacker can cause a denial of service by supplying specially crafted input files. Remediation...

GNU Binutils objdump.c disassemble_bytes stack-based overflow

...

GNU Binutils objdump Denial of Service Vulnerability

GNU Binutils objdump is a command-line tool in the toolset that is primarily used to analyze and display detailed information about binary files e.g. executables, target files, static libraries, etc.. A denial of service vulnerability exists in GNU Binutils objdump, which originates from the...

GNU Binutils 安全漏洞

Gnu Binutils objdump is a command-line tool in the GNU Binutils toolset that is mainly used to analyze binary files e.g., executables, target files, static libraries, etc. and display their detailed information. A denial of service vulnerability exists in Gnu Binutils objdump, which stems from th...

GNU Binutils 安全漏洞

GNU Binutils objdump is a command-line tool in the toolset that is primarily used to analyze and display detailed information about binary files e.g. executables, target files, static libraries, etc.. A denial of service vulnerability exists in GNU Binutils objdump, which originates from the...

SUSE CVE-2017-7224

The findnearestline function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write of size 1 while disassembling a corrupt binary that contains an empty function name, leading to a program crash...

UBUNTU-CVE-2018-20671

loadspecificdebugsection in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size...

UBUNTU-CVE-2017-9743

The printinsnscore32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdum...

DEBIAN-CVE-2017-9754

The processotr function in bfd/versados.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified...

GNU binutils - ieee_object_p Stack Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...