CVE-2018-18483

The getcount function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as demonstrated by...

CVE-2018-16062

dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted file...

CVE-2018-12934

rememberKtype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM. This can occur during execution of cxxfilt...

CVE-2018-12698

demangletemplate in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

CVE-2018-12641

An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype, dotype, doarg,...

CVE-2017-18269

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...

CVE-2018-10373

concatfilename in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted binary file, as demonstrated by nm-new...

CVE-2018-10372

processcutuindex in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted binary file, as demonstrated by readelf...

CVE-2018-9138

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglenestedargs, demangleargs, doarg, and dotype...

GNU binutils 2.26.1 - Integer Overflow (PoC)

GNU binutils 2.26.1 - Integer Overflow PoC Exploit Title: Objdump - Integer Overflow Crash POC Date: 12.02.2018 Exploit Author: r4xis Tested Version: 2.26.1 Vuln Version: \nint mainprintf"HelloWorld!\n"; return 0;" f = open"helloWorld.c", 'w' f.writehello f.close os.system"gcc -c helloWorld.c -o...

CVE-2017-1000409

A buffer overflow in glibc 2.5 released on September 29, 2006 and can be triggered through the LDLIBRARYPATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

CVE-2017-1000408

A memory leak in glibc 2.1.1 released on May 24, 1999 can be reached and amplified through the LDHWCAPMASK environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

CVE-2017-17121

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service memory access violation or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the...

CVE-2017-17125

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service bfdelfgetsymbolversionstring buffer over-read and application crash or possibly have unspecified other impact via a crafted ELF file...

CVE-2017-16830

The printgnupropertynote function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service segmentation violation and application crash or possibly have unspecified other impact via a crafted ELF...

CVE-2017-16831

coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service integer overflow and application crash, or excessive memory allocation or possibly have unspecified...

CVE-2017-16828

The displaydebugframes function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service integer overflow and heap-based buffer over-read, and application crash or possibly have unspecified other impact via a crafted ELF file, related to printdebugframe...

CVE-2017-14940

scanunitforsymbols in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted ELF file...

CVE-2017-9955

The getbuildid function in opncls.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file in which a certain size field is larger than a...

CVE-2017-9751

opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during...