6 matches found
CVE-2020-35448
CVE-2020-35448 affects GNU Binutils’ libbfd in CP4S (Binary File Descriptor) integration. The issue is a heap-based buffer over-read in bfd_getl_signed_32 in libbfd.c caused by lack of validation of sh_entsize in _bfd_elf_slurp_secondary_reloc_section() in elf.c, which can crash the application (...
CVE-2020-16592
CVE-2020-16592 concerns a use-after-free in the Binary File Descriptor (libbfd) within GNU Binutils 2.34. The vulnerability is triggered in the function bfd_hash_lookup (as used by nm-new), leading to a denial of service via a crafted file. The connected documents identify the affected component ...
CVE-2020-16599
CVE-2020-16599 concerns a NULL pointer dereference in the GNU Binutils library (libbfd) distributed with Binutils 2.35, specifically in _bfd_elf_get_symbol_version_string used by nm-new, which can cause a denial of service via a crafted ELF file. The connected Nessus entries note an “illegal memo...
CVE-2020-16590
Technical details about CVE-2020-16590 are not publicly provided in the connected documents. The initial description notes a double-free in GNU Binutils 2.35 BFD/process_symbol_table, but no further specifics (affected products/versions) are given here. Monitor for updates.
CVE-2020-16591
CVE-2020-16591 : A Denial of Service in the Binary File Descriptor (BFD) of GNU Binutils 2.35 is caused by an invalid read in process_symbol_table (readeif). The description confirms the affected product and root cause and notes a DoS impact. No public details about exploitation methods, affected...
CVE-2020-16593
CVE-2020-16593 is a Null Pointer Dereference in the Binary File Descriptor (BFD) library (libbfd) as distributed in GNU Binutils 2.35, in scan_unit_for_symbols (addr2line demonstrated), leading to denial of service via a crafted file. Connected sources confirm the issue exists in Binutils compone...