Search for packages
| purl | pkg:alpm/archlinux/binutils@2.26.0-1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-5jyx-ucn3-aaaa
Aliases: CVE-2017-7226 |
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well. |
Affected by 1 other vulnerability. |
|
VCID-bdsp-rb33-aaaq
Aliases: CVE-2017-7224 |
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. |
Affected by 1 other vulnerability. |
|
VCID-wu7f-wxmc-aaam
Aliases: CVE-2017-7223 |
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. |
Affected by 1 other vulnerability. |
|
VCID-xvrb-z3xf-aaap
Aliases: CVE-2017-7225 |
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:45:57.636444+00:00 | Arch Linux Importer | Affected by | VCID-wu7f-wxmc-aaam | https://security.archlinux.org/AVG-936 | 36.0.0 |
| 2025-03-28T07:45:57.617779+00:00 | Arch Linux Importer | Affected by | VCID-bdsp-rb33-aaaq | https://security.archlinux.org/AVG-936 | 36.0.0 |
| 2025-03-28T07:45:57.599098+00:00 | Arch Linux Importer | Affected by | VCID-xvrb-z3xf-aaap | https://security.archlinux.org/AVG-936 | 36.0.0 |
| 2025-03-28T07:45:57.580502+00:00 | Arch Linux Importer | Affected by | VCID-5jyx-ucn3-aaaa | https://security.archlinux.org/AVG-936 | 36.0.0 |
| 2024-09-18T02:01:00.560848+00:00 | Arch Linux Importer | Affected by | VCID-wu7f-wxmc-aaam | https://security.archlinux.org/AVG-936 | 34.0.1 |
| 2024-09-18T02:01:00.537240+00:00 | Arch Linux Importer | Affected by | VCID-bdsp-rb33-aaaq | https://security.archlinux.org/AVG-936 | 34.0.1 |
| 2024-09-18T02:01:00.514743+00:00 | Arch Linux Importer | Affected by | VCID-xvrb-z3xf-aaap | https://security.archlinux.org/AVG-936 | 34.0.1 |
| 2024-09-18T02:01:00.495799+00:00 | Arch Linux Importer | Affected by | VCID-5jyx-ucn3-aaaa | https://security.archlinux.org/AVG-936 | 34.0.1 |
| 2024-01-03T22:27:16.922841+00:00 | Arch Linux Importer | Affected by | VCID-wu7f-wxmc-aaam | https://security.archlinux.org/AVG-936 | 34.0.0rc1 |
| 2024-01-03T22:27:16.899216+00:00 | Arch Linux Importer | Affected by | VCID-bdsp-rb33-aaaq | https://security.archlinux.org/AVG-936 | 34.0.0rc1 |
| 2024-01-03T22:27:16.872353+00:00 | Arch Linux Importer | Affected by | VCID-xvrb-z3xf-aaap | https://security.archlinux.org/AVG-936 | 34.0.0rc1 |
| 2024-01-03T22:27:16.846007+00:00 | Arch Linux Importer | Affected by | VCID-5jyx-ucn3-aaaa | https://security.archlinux.org/AVG-936 | 34.0.0rc1 |