Lucene search
+L

27 matches found

CVE
CVE
added 2023/05/17 12:0 a.m.567 views

CVE-2023-1972

CVE-2023-1972 is a memory corruption issue in GNU Binutils. The initial description confirms a potential heap-based buffer overflow in _bfd_elf_slurp_version_tables() within bfd/elf.c, which may lead to loss of availability. Connected documents specify affected package family as binutils and note...

6.5CVSS6.7AI score0.00895EPSS
CVE
CVE
added 2023/04/03 12:0 a.m.535 views

CVE-2023-1579

CVE-2023-1579 is a heap-based buffer overflow in GNU binutils’ binutils-gdb/bfd/libbfd.c (function bfd_getl64 ). The connected documents confirm this is triggered when processing input, enabling a potential local attacker to cause a crash or execute arbitrary code, as reflected by the CVSS vector...

7.8CVSS7.8AI score0.00486EPSS
CVE
CVE
added 2023/01/27 12:0 a.m.202 views

CVE-2022-4285

CVE-2022-4285 is a memory access flaw in GNU binutils that can cause a denial of service when parsing an ELF file with corrupt symbol version information. It stems from an incomplete fix for CVE-2020-16599. Multiple sources (including AlmaLinux advisories and Broadcom/Brocade disclosures referenc...

5.5CVSS5.6AI score0.00437EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.198 views

CVE-2022-48064

CVE-2022-48064 affects GNU Binutils up to version 2.40, where an excessive memory consumption vulnerability in bfd_dwarf2_find_nearest_line_with_alt (dwarf2.c) can be triggered by a crafted ELF file, enabling a remote attacker to cause a DNS attack. IBM/Red Hat/Amazon advisories indicate this req...

5.5CVSS6AI score0.0059EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.187 views

CVE-2022-48065

CVE-2022-48065 affects GNU Binutils up to version 2.39.x (before 2.40). The vulnerability is a memory leak in the function find_abstract_instance in the file dwarf2.c . The issue can lead to increased memory consumption and, as reported in sources, potential crashes. The connected documents consi...

5.5CVSS6.1AI score0.00654EPSS
CVE
CVE
added 2023/09/14 8:47 p.m.182 views

CVE-2023-25588

CVE-2023-25588 affects GNU Binutils: the the_bfd field of the asymbol struct is uninitialized in bfd_mach_o_get_synthetic_symtab, potentially causing a crash and local denial of service. Exploitation details are not provided in the documents reviewed here. Several advisories reference this CVE am...

5.5CVSS5.3AI score0.00375EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.178 views

CVE-2022-45703

CVE-2022-45703 is a heap buffer overflow in GNU binutils' readelf tool (readelf.c, display_debug_section) affecting readelf before 2.40. The vulnerability could lead to arbitrary code execution or a crash per the description; the issue is addressed by upgrading to binutils 2.40 or newer. Exploita...

7.8CVSS7.8AI score0.00513EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.178 views

CVE-2022-48063

The connected sources confirm CVE-2022-48063 affects GNU Binutils prior to 2.40. The vulnerability is an excessive memory consumption issue in the load_separate_debug_files function (dwarf2.c). An attacker could create a crafted ELF file to trigger a DNS-based denial of service. Impact is limited...

5.5CVSS6AI score0.00483EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.176 views

CVE-2022-44840

CVE-2022-44840: A heap/denial-of-service vulnerability in GNU Binutils readelf.c (find_section_in_set) affects readelf up to version before 2.40. A locally authenticated attacker could craft input to trigger a heap-based buffer overflow, potentially causing a crash or denial of service. Public de...

7.8CVSS7.7AI score0.00461EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.175 views

CVE-2022-47673

CVE-2022-47673 concerns Binutils addr2line prior to 2.39.3, where parse_module contains multiple out-of-bounds reads that may cause a denial of service or other unspecified impacts. This vulnerability is consistently described across multiple connected sources as a Binutils addr2line issue with o...

7.8CVSS7.4AI score0.00434EPSS
CVE
CVE
added 2023/09/14 8:50 p.m.174 views

CVE-2023-25585

Binutils contains CVE-2023-25585: the file_table field of struct module *module is uninitialized, which may cause an application crash and local denial of service. This is corroborated by multiple connected advisories (Astra Linux, Alpine Linux, Debian Security Tracker, FreeBSD VuxML, and CVE rec...

5.5CVSS5.6AI score0.00376EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.167 views

CVE-2020-19726

CVE-2020-19726 concerns GNU Binutils, specifically the libbfd.c 2.36 component. The issue allows an attacker to read or write system memory and can cause a denial of service, per the provided description. Connected advisories (Cloud Foundry USN, Debian tracker, Astra Linux, etc.) corroborate a me...

8.8CVSS8.2AI score0.00664EPSS
CVE
CVE
added 2023/07/18 12:0 a.m.164 views

CVE-2021-32256

CVE-2021-32256 is a stack-overflow in demangle_type within GNU libiberty (as distributed in GNU Binutils 2.36). It affects Binutils/libiberty components (e.g., gcc/gdb contexts linked to Binutils) and can lead to denial of service via stack overflow. Connected records confirm a patched version is...

6.5CVSS6.6AI score0.00667EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.163 views

CVE-2022-35205

CVE-2022-35205 concerns GNU Binutils, specifically the readelf tool in version 2.38.50. The issue is a reachable assertion failure in display_debug_names, which can be exploited to cause a denial of service. Multiple connected documents confirm this CVE and describe the affected component as part...

5.5CVSS6.3AI score0.00397EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.163 views

CVE-2022-47695

GNU Binutils objdump before 2.39.3 is affected by CVE-2022-47695. The issue arises in bfd_mach_o_get_synthetic_symtab within match-o.c, enabling denial of service or other unspecified impacts. Affected product scope across multiple advisories references the binutils toolset (objdump) and confirms...

7.8CVSS7.3AI score0.00461EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.159 views

CVE-2022-47696

CVE-2022-47696 is a vulnerability in GNU Binutils’ objdump prior to 2.39.3 where the function compare_symbols can be exploited to cause a denial of service and other unspecified impacts. The connected sources consistently describe this as a DoS in objdump and indicate the issue affects Binutils v...

7.8CVSS7.3AI score0.00404EPSS
CVE
CVE
added 2023/09/14 8:50 p.m.145 views

CVE-2023-25584

CVE-2023-25584: An out-of-bounds read flaw exists in Binutils’ parse_module function (bfd/vms-alpha.c). Connected sources (Astra Linux bulletin and related entries) reiterate the same description, confirming a vulnerability in Binutils. Documented impact includes potential crashes and possible in...

7.1CVSS6.4AI score0.00379EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.130 views

CVE-2022-35206

CVE-2022-35206 is a null pointer dereference in GNU Binutils readelf 2.38.50, triggered via read_and_display_attr_value in dwarf.c. Impact in the connected docs indicates a potential denial of service; exploitation appears to be local. Public remediation details in the connected materials point t...

5.5CVSS5.6AI score0.00298EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.121 views

CVE-2021-46174

CVE-2021-46174 is a heap-based buffer overflow in GNU Binutils objdump (function bfd_getl32). Multiple connected advisories reference the same issue, with descriptions asserting a heap overflow in Binutils objdump 3.37 and related components. The CVE is associated with potential denial-of-service...

7.5CVSS7.4AI score0.00698EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.120 views

CVE-2022-47007

CVE-2022-47007 affects GNU binutils, specifically the function stab_demangle_v3_arg in stabs.c, with vulnerable ranges reported as Binutils 2.34 through 2.38. The issue is a memory leak that can be exploited to cause a denial of service. The impact is described as memory-related DoS, with exploit...

5.5CVSS5.9AI score0.00403EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.104 views

CVE-2022-47008

CVE-2022-47008 affects GNU Binutils (2.34–2.38) with a memory-leak issue in bucomm.c causing denial of service. Connected sources confirm the vulnerable functions make_tempdir and make_tempname and the impact is a DoS due to memory leaks. Affected products are Binutils variants across distributio...

5.5CVSS5.9AI score0.00403EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.99 views

CVE-2020-19724

CVE-2020-19724: A memory consumption issue in get_data (binutils/nm.c) affects GNU nm prior to 2.34, enabling denial of service via crafted input. The primary technical detail is a memory‑based DoS in the get_data path of nm for nm.c; impact is a DoS condition. The Initial Description and connect...

5.5CVSS6.2AI score0.00275EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.99 views

CVE-2022-47010

CVE-2022-47010 is a memory-leak DoS in GNU binutils’ pr_function_type (prdbg.c) affecting Binutils 2.34–2.38. Public advisories confirm this issue and reference patches/updates; e.g., Cloud Foundry USN consolidates related binutils fixes, and Mariner notes exposure for versions

5.5CVSS5.9AI score0.00403EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.96 views

CVE-2022-47011

CVE-2022-47011 affects Binutils with a memory-leak related DoS in parse_stab_struct_fields (stabs.c) for Binutils 2.34–2.38. The connected documents confirm the issue is a memory-leak DoS vulnerability impacting Binutils, with multiple advisories referencing the same function as the root cause. E...

5.5CVSS5.9AI score0.00403EPSS
CVE
CVE
added 2023/09/14 8:49 p.m.87 views

CVE-2023-25586

CVE-2023-25586 affects Binutils: a logic fail in bfd_init_section_decompress_status may use an uninitialized variable, causing a crash and local denial of service. Connected advisories confirm a fixed Binutils version; upstream advisories (e.g., TencentOS/FreeBSD entries) indicate a newer Binutil...

5.5CVSS4.9AI score0.00347EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.83 views

CVE-2020-21490

CVE-2020-21490 is a memory-leak issue in GNU Binutils 2.34, triggered during disassembly of microblaze instructions (microblaze-dis.c). The memory consumption per disassembled instruction can lead to resource exhaustion and potential denial of service. Connected advisories (e.g., EulerOS summarie...

5.5CVSS6AI score0.00302EPSS
CVE
CVE
added 2023/08/22 12:0 a.m.83 views

CVE-2020-35342

CVE-2020-35342 (GNU Binutils) affects Binutils before 2.34, with an uninitialized-heap vulnerability in tic4x_print_cond (opcodes/tic4x-dis.c) that could lead to information leakage. Affected software: GNU Binutils; root cause: uninitialized heap memory in a print handler. Impact: potential infor...

7.5CVSS7.1AI score0.00659EPSS