Binutils Security Vulnerabilities and Issues — Binutils CVE List

Lucene search

GnuBinutils

7 matches found

CVE•added 2018/02/18 4:29 a.m.•251 views

CVE-2018-7208

In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a ...

7.8CVSS6.7AI score0.00268EPSS

CVE•added 2018/02/28 9:29 p.m.•234 views

CVE-2018-7568

The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by n...

5.5CVSS6.1AI score0.00143EPSS

CVE•added 2018/02/28 9:29 p.m.•223 views

CVE-2018-7569

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

5.5CVSS6AI score0.00273EPSS

CVE•added 2018/02/02 9:29 a.m.•190 views

CVE-2018-6543

In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in malloc() with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

7.8CVSS6.8AI score0.00266EPSS

CVE•added 2018/02/28 9:29 p.m.•174 views

CVE-2018-7570

The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment...

5.5CVSS5.9AI score0.00461EPSS

CVE•added 2018/02/06 9:29 p.m.•171 views

CVE-2018-6759

The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted EL...

5.5CVSS5.7AI score0.00285EPSS

CVE•added 2018/02/09 6:29 a.m.•168 views

CVE-2018-6872

The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment.

5.5CVSS5.8AI score0.00335EPSS