UBUNTU-CVE-2022-38533

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfdgetl32 when called from the stripmain function in strip-new via a crafted file...

binutils: Race window allows users to own arbitrary files

There is an open race window when writing output in the following utilities in GNU binutils1: ar, objcopy, strip, and ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can trick these utilities...

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can tric...

UBUNTU-CVE-2014-8737

Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. dot dot or full path name in an archive to 1 strip or 2 objcopy or create arbitrary files via 3 a .. dot dot or full path name in an archive to ar...

CentOS 4 : elfutils (CESA-2006:0354)

Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The elfutils packages contain a number of utility programs and libraries related to the creatio...