Binutils Security Vulnerabilities and Issues — Binutils CVE List

Lucene search

GnuBinutils

7 matches found

CVE•added 2018/02/18 4:29 a.m.•256 views

CVE-2018-7208

In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a ...

7.8CVSS6.7AI score0.00186EPSS

CVE•added 2018/02/28 9:29 p.m.•240 views

CVE-2018-7568

The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by n...

5.5CVSS6.1AI score0.00142EPSS

CVE•added 2018/02/28 9:29 p.m.•228 views

CVE-2018-7569

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

5.5CVSS6AI score0.00136EPSS

CVE•added 2018/02/02 9:29 a.m.•193 views

CVE-2018-6543

In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in malloc() with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

7.8CVSS6.8AI score0.00136EPSS

CVE•added 2018/02/28 9:29 p.m.•177 views

CVE-2018-7570

The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment...

5.5CVSS5.9AI score0.00472EPSS

CVE•added 2018/02/06 9:29 p.m.•174 views

CVE-2018-6759

The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted EL...

5.5CVSS5.7AI score0.00219EPSS

CVE•added 2018/02/09 6:29 a.m.•172 views

CVE-2018-6872

The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment.

5.5CVSS5.8AI score0.00183EPSS