10 matches found
rust-toolset:ol8 security, bug fix, and enhancement update
rust-toolset 1.54.0-1 - Update to Rust and Cargo 1.54.0. 1.53.0-1 - Update to Rust and Cargo 1.53.0. rust 1.54.0-2 - Make std-static-wasm arch-specific to avoid s390x. 1.54.0-1 - Update to 1.54.0. 1.53.0-2 - Use llvm-ranlib to fix wasm archives. 1.53.0-1 - Update to 1.53.0. 1.52.1-2 - Set...
binutils: Race window allows users to own arbitrary files
There is an open race window when writing output in the following utilities in GNU binutils1: ar, objcopy, strip, and ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can trick these utilities...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-2058)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2021-20197
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can tric...
CVE-2021-20197
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can tric...
PT-2021-7939
Name of the Vulnerable Software and Affected Versions GNU Binutils versions 2.35 and earlier Description The issue is related to an open race window when writing output in certain utilities, including ar, objcopy, strip, and ranlib. This can be exploited by an unprivileged user to trick these...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
Input validation
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...
CVE-2018-18521
Divide-by-zero vulnerabilities in the function arlibaddsymbols in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service application crash with a crafted ELF file, as demonstrated by eu-ranlib, because a zero shentsize is mishandled...