Binutils Security Vulnerabilities and Issues — Binutils CVE List

Lucene search

GnuBinutils

8 matches found

CVE•added 2017/11/15 8:29 a.m.•143 views

CVE-2017-16827

The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a c...

7.8CVSS7.8AI score0.00337EPSS

CVE•added 2017/11/15 8:29 a.m.•135 views

CVE-2017-16828

The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame.

7.8CVSS8AI score0.00337EPSS

CVE•added 2017/11/15 8:29 a.m.•131 views

CVE-2017-16829

The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) o...

7.8CVSS6.5AI score0.00523EPSS

CVE•added 2017/11/15 8:29 a.m.•126 views

CVE-2017-16826

The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafte...

7.8CVSS7.8AI score0.00296EPSS

CVE•added 2017/11/15 8:29 a.m.•124 views

CVE-2017-16832

The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and appl...

7.8CVSS7.1AI score0.00337EPSS

CVE•added 2017/11/15 8:29 a.m.•119 views

CVE-2017-16830

The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted E...

7.8CVSS7.8AI score0.00305EPSS

CVE•added 2017/11/15 8:29 a.m.•115 views

CVE-2017-16831

coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspeci...

7.8CVSS7.9AI score0.00337EPSS

CVE•added 2017/11/30 9:29 p.m.•59 views

CVE-2017-17080

elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related ...

5.5CVSS5.9AI score0.00391EPSS