Lucene search
K

19 matches found

CVE
CVE
added 2019/07/24 3:30 a.m.376 views

CVE-2019-14250

The CVE-2019-14250 entry affects GNU Binutils (libiberty) and is caused by an missing check for a zero shstrndx in simple-object-elf.c: simple_object_elf_match can overflow memory, causing a heap-based buffer overflow. Affected component: GNU Binutils/libiberty. Root cause: integer overflow from ...

5.5CVSS6.4AI score0.02317EPSS
CVE
CVE
added 2019/10/10 4:21 p.m.319 views

CVE-2019-17450

CVE-2019-17450 affects GNU Binutils’ BFD library (libbfd) in Binutils 2.32, where find_abstract_instance in dwarf2.c can cause infinite recursion and denial of service via a crafted ELF file. Public sources in connected documents indicate a remediation: upgrade Binutils to a patched version (e.g....

6.5CVSS6.3AI score0.02752EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.246 views

CVE-2019-9075

CVE-2019-9075 affects GNU Binutils 2.32 (libbfd) with a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap (archive64.c). Multiple connected sources (Astra Linux, CNVD, Debian tracker, F5 advisory, Cloud Linux updates) confirm the vulnerability in the BFD library and describe potential...

7.8CVSS7.7AI score0.01697EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.218 views

CVE-2019-9074

CVE-2019-9074 affects the GNU Binutils Binary File Descriptor library (libbfd) bundled in Binutils 2.32. It is an out-of-bounds read in bfd_getl32 called from pei-x86_64.c, leading to a SEGV. Several connected advisories confirm impact on local attackers via crafted ELF/PE files and DoS, with pos...

5.5CVSS5.9AI score0.01569EPSS
CVE
CVE
added 2019/01/01 4:0 p.m.208 views

CVE-2018-20651

CVE-2018-20651 is a vulnerability in GNU Binutils (libbfd) where a NULL pointer is dereferenced in elf_link_add_object_symbols (elflink.c) when processing a crafted ET_DYN ELF without program headers. This leads to denial of service and is described as remote-exploit in ld. Connected advisories (...

5.5CVSS6AI score0.02247EPSS
CVE
CVE
added 2019/06/26 1:27 p.m.208 views

CVE-2019-12972

CVE-2019-12972 is a heap-based buffer over-read in the Binary File Descriptor (BFD) library (libbfd) distributed with GNU Binutils 2.32. The vulnerability arises in _bfd_doprnt in bfd.c where elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' ...

5.5CVSS6.2AI score0.01802EPSS
CVE
CVE
added 2019/10/10 4:20 p.m.202 views

CVE-2019-17451

CVE-2019-17451 is a vulnerability in GNU Binutils 2.32 (libbfd) where an integer overflow in _bfd_dwarf2_find_nearest_line (dwarf2.c) can cause a SEGV. Affected products reference Binutils in various IBM Netezza/NPS advisories and Astra Linux; remediation is to upgrade to a newer Binutils version...

6.5CVSS6.7AI score0.02396EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.201 views

CVE-2019-9077

CVE-2019-9077 : GNU Binutils 2.32 contains a heap-based buffer overflow in readelf.c (process_mips_specific) triggered by a malformed MIPS option section. Public sources describe potential outcomes as arbitrary code execution or denial of service. Affected users should upgrade Binutils to a non-v...

7.8CVSS7.7AI score0.01976EPSS
CVE
CVE
added 2019/07/30 12:5 p.m.193 views

CVE-2019-14444

CVE-2019-14444: GNU Binutils 2.32 contains an integer overflow in readelf/elfcomm.c (byte_put_little_endian) that can trigger a denial of service via crafted ELF files. IBM Netezza products have addressed this by upgrading Binutils; remediation patches include Netezza Analytics 3.3.8 (and related...

5.5CVSS6.2AI score0.01481EPSS
CVE
CVE
added 2019/01/04 4:0 p.m.178 views

CVE-2018-20671

CVE-2018-20671 affects GNU Binutils up to version 2.31.1, where load_specific_debug_section in objdump.c may overflow an integer, triggering a heap-based buffer overflow via a crafted section size. Connected docs confirm the same description in Astra Linux security bulletin and related advisories...

5.5CVSS6.2AI score0.01973EPSS
CVE
CVE
added 2019/07/23 1:39 p.m.162 views

CVE-2019-1010204

CVE-2019-1010204 affects GNU binutils, specifically the gold linker. The vulnerability arises from a combination of improper input validation , signed/unsigned comparison , and an out-of-bounds read in the code paths for gold/fileread.cc:497 and elfcpp/elfcpp_file.h:644. The documented impact is ...

5.5CVSS5.9AI score0.01115EPSS
CVE
CVE
added 2019/01/04 5:0 p.m.153 views

CVE-2018-20673

CVE-2018-20673 affects the GNU libiberty component (demangle_template() in cplus-dem.c) shipped with GNU Binutils 2.31.1, causing an integer overflow that can lead to a heap-based buffer overflow when creating an array for template argument values (as demonstrated by nm). Connected advisories ref...

5.5CVSS5.7AI score0.01637EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.139 views

CVE-2019-9070

GNU Binutils (libiberty) vulnerability CVE-2019-9070: heap-based buffer over-read in d_expression_1 of cp-demangle.c after deep recursion, affecting Binutils prior to a patched release. Impact per sources includes potential code execution, information leakage, or DoS when processing crafted ELF i...

7.8CVSS7.5AI score0.01802EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.136 views

CVE-2019-9071

CVE-2019-9071 affects GNU Binutils’ libiberty component (cp-demangle.c, function d_count_templates_scopes) with a stack consumption/stack overflow vulnerability after deep recursion. Likely enables buffer overflow and remote code execution in affected contexts as described in multiple advisories....

5.5CVSS6.1AI score0.01813EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.128 views

CVE-2019-9073

CVE-2019-9073 affects the GNU Binutils Binary File Descriptor library (libbfd) shipped with Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables (elf.c). This can impact availability (PARTIAL per CVSSv3), with local attack vector and no confidentiality/in...

5.5CVSS6.1AI score0.01097EPSS
CVE
CVE
added 2019/01/02 2:0 p.m.114 views

CVE-2018-20657

CVE-2018-20657 affects GNU Binutils’ libiberty, specifically the demangle_template function in cplus-dem.c, distributed with Binutils 2.31.1. The issue is a memory leak triggered by crafted strings, causing a denial of service via memory consumption (as demonstrated by cxxfilt). Connected sources...

7.5CVSS7AI score0.04037EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.99 views

CVE-2019-9072

CVE-2019-9072 affects the GNU Binutils Binary File Descriptor library (libbfd) shipped with Binutils 2.32. The issue is an attempted excessive memory allocation in setup_group() within elf.c, which can enable a denial-of-service through memory exhaustion when processing ELF files. Public advisori...

5.5CVSS5.5AI score0.01159EPSS
CVE
CVE
added 2019/01/15 12:0 a.m.95 views

CVE-2018-20712

CVE-2018-20712 : A heap-based buffer over-read in d_expression_1 (cp-demangle.c) of GNU libiberty, distributed with GNU Binutils 2.31.1, can cause segmentation faults and denial-of-service as shown by c++filt. Connected sources confirm the same flaw and tie it to GNU Binutils components used by b...

6.5CVSS6.3AI score0.02685EPSS
CVE
CVE
added 2019/02/24 12:0 a.m.94 views

CVE-2019-9076

CVE-2019-9076: In GNU Binutils’ Binary File Descriptor library (libbfd) distributed with Binutils 2.32, elf_read_notes in elf.c permits an excessive memory allocation. Connected advisories document the vulnerability in Binutils 2.32 and reference downstream fixes. The EulerOS/Gentoo GLSA entries ...

5.5CVSS6.1AI score0.01228EPSS