593 matches found
GNU binutils - 'ieee_object_p' Stack Buffer Overflow
Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...
GNU binutils - bfd_get_string Stack Buffer Overflow Exploit
Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21581 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...
GNU binutils - 'print_insn_score16' Buffer Overflow
Source: https://sourceware.org/bugzilla/showbug.cgi?id=21576 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...
GNU binutils - bfd_get_string Stack Buffer Overflow
GNU binutils - bfdgetstring Stack Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21581 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...
GNU binutils - rx_decode_opcode Buffer Overflow
GNU binutils - rxdecodeopcode Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21587 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...
GNU binutils - rx_decode_opcode Buffer Overflow Exploit
Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21587 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...
PT-2017-19149 · Gnu +1 · Gnu Binutils +1
Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.28 Description: The issue allows remote attackers to cause a denial of service, resulting in a buffer overflow and application crash, or possibly have other unspecified impacts. This can be achieved by using a crafted...
CVE-2017-8396
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that condu...
CVE-2017-8397
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocs with negative addresses. This vulnerability causes programs that conduct an...
CVE-2017-8392
The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the bfddwarf2findnearestline function. This vulnerability causes programs that conduct an analysis...
CVE-2017-8398
dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash...
CVE-2017-8421
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
GNU Binutils Buffer Overflow Vulnerability (CNVD-2017-06998)
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. GNU Binutils suffers from a buffer...
CVE-2017-8421
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
DEBIAN-CVE-2017-8421
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
CVE-2017-8421
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
CVE-2017-8421
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
Memory corruption
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
CVE-2017-8421
The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...
CVE-2017-8421
The CVE-2017-8421 issue affects GNU Binutils' Binary File Descriptor (libbfd) component, specifically the coff_set_alignment_hook function in coffcode.h used with Binutils 2.28. It describes a memory leak vulnerability that can cause memory exhaustion in objdump when parsing a crafted PE file. Th...