7 matches found
CVE-2014-8737
CVE-2014-8737 is a directory traversal vulnerability in GNU Binutils up to version 2.24, enabling a local attacker to delete arbitrary files or create arbitrary files by crafting archive paths (dot-dot or full paths) in strip, objcopy, or ar. Affected component set includes binutils and its archi...
CVE-2025-1150
CVE-2025-1150 affects GNU Binutils, specifically the ld component’s libbfd.c function bfd_malloc, causing a memory leak. Public reports describe remote exploitation with high attack complexity and an initial leak in Binutils 2.43. Connected advisories confirm fixes were implemented in later binut...
CVE-2025-1149
CVE-2025-1149 affects GNU Binutils 2.43, specifically the xstrdup path in libiberty/xmalloc.c used by ld, causing a memory leak. The issue can be exploited remotely and is described as high attack complexity with the exploit publicly disclosed. Reports indicate fixes have been committed to the ma...
CVE-2025-1151
CVE-2025-1151 concerns GNU Binutils 2.43, where the memory leak originates in ld’s xmemdup.c (function xmemdup). The vulnerability can be triggered remotely and is described as high attack complexity with a disclosed exploit. Several connected advisories document a patch path: openSUSE/SUSE advis...
CVE-2025-1152
CVE-2025-1152 affects GNU Binutils 2.43, specifically the function xstrdup in xstrdup.c within the ld component, causing a memory leak. Publicly disclosed exploit details indicate the issue can be triggered remotely, with attack complexity described as high and exploitability as low to moderate d...
CVE-2025-1180
The CVE-2025-1180 issue affects GNU Binutils 2.43, specifically the _bfd_elf_write_section_eh_frame function in bfd/elf-eh-frame.c used by ld. It causes memory corruption and can be triggered remotely; attack complexity is high, and exploitation is possible after disclosure. The available sources...
CVE-2025-1148
GNU Binutils 2.43 contains a memory-leak vulnerability in ld/ldelfgen.c: link_order_scan. The issue is exploitable remotely with high attack complexity; vendor notes fixes have been made on master and a 2.45 branch/updates are available (binutils 2.45), so upgrading to a newer Binutils release is...