Total
241 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-13716 | 1 Gnu | 1 Binutils | 2019-10-03 | 7.1 HIGH | 5.5 MEDIUM |
| The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | |||||
| CVE-2018-20712 | 1 Gnu | 1 Binutils | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt. | |||||
| CVE-2018-12698 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. | |||||
| CVE-2018-10534 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-08-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c. | |||||
| CVE-2018-10535 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-08-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy. | |||||
| CVE-2018-12699 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2019-08-03 | 7.5 HIGH | 9.8 CRITICAL |
| finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | |||||
| CVE-2018-12697 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2019-08-03 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | |||||
| CVE-2018-10373 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-08-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new. | |||||
| CVE-2018-10372 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2019-08-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf. | |||||
| CVE-2017-7227 | 1 Gnu | 1 Binutils | 2018-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l. | |||||
| CVE-2017-9750 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
| CVE-2017-9751 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
| CVE-2017-9749 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
| CVE-2017-14333 | 1 Gnu | 1 Binutils | 2018-01-09 | 4.3 MEDIUM | 7.8 HIGH |
| The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. | |||||
| CVE-2017-7225 | 1 Gnu | 1 Binutils | 2018-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. | |||||
| CVE-2017-9756 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
| CVE-2017-7223 | 1 Gnu | 1 Binutils | 2018-01-09 | 5.0 MEDIUM | 7.5 HIGH |
| GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. | |||||
| CVE-2017-9755 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
| CVE-2017-7210 | 1 Gnu | 1 Binutils | 2018-01-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash. | |||||
| CVE-2017-9743 | 1 Gnu | 1 Binutils | 2018-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||