CVE-2017-9751

opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...

CVE-2017-9752

bfd/vms-alpha.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling...

CVE-2017-9749

The regs macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution...

CVE-2017-9746

The disassemblebytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during...

CVE-2017-9747

The ieeearchivep function in bfd/ieee.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, a...

CVE-2017-9744

The shelfsetmachfromflags function in bfd/elf32-sh.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary...

CVE-2017-9743

The printinsnscore32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdum...

Heap overflow

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

DEBIAN-CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

GNU Binutils 'objdump.c' Remote Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...

GNU binutils - aarch64_ext_ldst_reglist Buffer Overflow Exploit

Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21595 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...

Buffer overflow

The disassemblebytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during...

CVE-2017-9756

The aarch64extldstreglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...

Buffer overflow

opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this fil...

UBUNTU-CVE-2017-9748

The ieeeobjectp function in bfd/ieee.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as...

CVE-2017-9742

The scoreopcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D"...

CVE-2017-9743

The printinsnscore32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdum...