Binutils Security Vulnerabilities and Issues — Binutils CVE List

Lucene search

GnuBinutils

6 matches found

CVE•added 2020/12/27 4:15 a.m.•192 views

CVE-2020-35448

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.

4.3CVSS5.1AI score0.00132EPSS

CVE•added 2020/12/09 9:15 p.m.•148 views

CVE-2020-16592

A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

5.5CVSS5.5AI score0.00307EPSS

CVE•added 2020/12/09 9:15 p.m.•142 views

CVE-2020-16599

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

5.5CVSS5.4AI score0.00051EPSS

CVE•added 2020/12/09 9:15 p.m.•102 views

CVE-2020-16590

A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.

5.5CVSS5.7AI score0.00333EPSS

CVE•added 2020/12/09 9:15 p.m.•97 views

CVE-2020-16591

A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.

5.5CVSS5.7AI score0.00393EPSS

CVE•added 2020/12/09 9:15 p.m.•95 views

CVE-2020-16593

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.

5.5CVSS5.5AI score0.00301EPSS