GNU Binutils 'bfd_mach_o_i386_canonicalize_one_reloc' function out-of-bounds heap read vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

DEBIAN-CVE-2017-12452

The bfdmachoi386canonicalizeonereloc function in bfd/mach-o-i386.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file...

UBUNTU-CVE-2017-11714

psi/ztoken.c in Artifex Ghostscript 9.21 mishandles references to the scanner state structure, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted PostScript document, related to an out-of-bounds read in the...

UBUNTU-CVE-2017-8421

The function coffsetalignmenthook in coffcode.h in Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dumprelocsinsection in objdump.c can...

UBUNTU-CVE-2017-8397

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocs with negative addresses. This vulnerability causes programs that conduct an...

CVE-2017-8397

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing relocs with negative addresses. This vulnerability causes programs that conduct an...

UBUNTU-CVE-2017-7946

The getrelocs64 function in libr/bin/format/mach0/mach0.c in radare2 1.3.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted Mach0 file...

DEBIAN-CVE-2017-7299

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, has an invalid read of size 8 because the code to emit relocs bfdelffinallink function in bfd/elflink.c does not check the format of the input file before trying to read the ELF reloc section header. The...

DEBIAN-CVE-2017-6966

readelf in GNU Binutils 2.28 has a use-after-free specifically read-after-free error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations...

Out-of-bounds

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

UBUNTU-CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

DEBIAN-CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

CVE-2016-5034

CVE-2016-5034 affects libdwarf (dwarf_elf_access.c) with an out-of-bounds write via a crafted ELF file, vulnerable in versions before 20160923. Remote denial of service is stated. Connected documents consistently describe this vulnerability as part of the libdwarf set of CVEs; no explicit patch v...

CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

SUSE-SU-2016:2156-1 Security update for glibc

This update for glibc fixes the following issues: - Drop old fix that could break services that start before IPv6 is up. bsc931399 - Do not copy dname field of struct dirent. CVE-2016-1234, bsc969727 - Fix memory leak in nssdnsgethostbyname4r. bsc973010 - Relocate DSOs in dependency order, fixing...

CVE-2016-5034

dwarfelfaccess.c in libdwarf before 20160923 allows remote attackers to cause a denial of service out-of-bounds write via a crafted file, related to relocation records...

Fedora 22 : tomcat-7.0.68-3.fc22 (2016-e6651efbaf)

Revert sysconfig migration changes, resolves: rhbz1311771, rhbz1311905 - Add /etc/tomcat/conf.d/ with shell expansion support, resolves rhbz1293636 ---- - Load sysconfig from tomcat.conf, resolves: rhbz1311771, rhbz1311905 - Set default javax.sql.DataSource factory to apache commons one, resolves...