SUSE CVE-2017-9744

The shelfsetmachfromflags function in bfd/elf32-sh.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary...

SUSE CVE-2017-9745

The bfdvmsslurpetir function in bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file...

SUSE CVE-2017-9743

The printinsnscore32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdum...

SUSE CVE-2017-9746

The disassemblebytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during...

SUSE CVE-2017-9748

The ieeeobjectp function in bfd/ieee.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as...

SUSE CVE-2017-9751

opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...

SUSE CVE-2017-9749

The regs macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution...

SUSE CVE-2017-9754

The processotr function in bfd/versados.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified...

SUSE CVE-2017-9753

The versadosmkobject function in bfd/versados.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly hav...

SUSE CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

SUSE CVE-2018-12697

A NULL pointer dereference aka SEGV on unknown address 0x000000000000 was discovered in workstuffcopytofrom in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump...

SUSE CVE-2018-12698

demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

SUSE CVE-2018-12699

finishstab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump...

SUSE CVE-2018-17360

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfdgetl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...

SUSE CVE-2018-18309

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in readreloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, a...

SUSE CVE-2018-1000876

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfdgetdynamicrelocupperbound,bfdcanonicalizedynamicreloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be...

SUSE CVE-2020-35493

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow - out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34...

SUSE CVE-2020-35495

There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34...

SUSE CVE-2020-35496

There's a flaw in bfdpefscanstartaddress of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions...

SUSE CVE-2020-35507

There's a flaw in bfdpefparsefunctionstubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability...