5 matches found
GHSA-47X8-96VW-5WG6 vm2 Access to Host Object Enables Sandbox Escape
Summary It is possible to obtain the host Object, https://github.com/patriksimek/vm2/commit/ebcfe94ad2f864f0bc35e78cff1d921107cfd160 added some protections, but the implementation is incomplete. Details There are various ways to use the host Object, to escape the sandbox, one example would be usi...
CLSA-2026-1775726631 binutils: Fix of 9 CVEs
CVE-2023-1972: fix heap buffer overflow in bfdelfslurpversiontables - CVE-2025-11412: fix out-of-bounds read in bfdelfgcrecordvtentry - CVE-2025-11413: fix out-of-bounds read in elflinkaddobjectsymbols - CVE-2025-11839: fix abort in tgtagtype with fuzzed input - CVE-2025-11840: fix SEGV from NULL...
GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds
...
PT-2025-41192
Name of the Vulnerable Software and Affected Versions GNU Binutils versions prior to 2.46 Description A flaw exists in the Linker component of GNU Binutils, specifically within the elf link add object symbols function located in the bfd/elflink.c file. This issue leads to an out-of-bounds read...
DEBIAN-CVE-2018-20651
A NULL pointer dereference was discovered in elflinkaddobjectsymbols in elflink.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31.1. This occurs for a crafted ETDYN with no program headers. A specially crafted ELF file allows remote attackers to cause a...