VulnerableCode Package Details - pkg:alpm/archlinux/binutils@2.29.0-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-2g37-m7h8-aaan	GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.	CVE-2017-9041
VCID-8avx-j583-aaap	readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.	CVE-2017-9043
VCID-j35t-2dc1-aaar	The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.	CVE-2017-7209
VCID-kbr7-tbru-aaaq	readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.	CVE-2017-9042
VCID-p85y-jrz7-aaab	GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.	CVE-2017-9040
VCID-pdrv-qfbp-aaan	readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.	CVE-2017-6966
VCID-rf1t-p1hp-aaar	The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.	CVE-2017-9044
VCID-szyg-h58d-aaas	readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.	CVE-2017-6969
VCID-y3jg-d2j2-aaar	readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.	CVE-2017-6965
VCID-ysqh-yybj-aaac	GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.	CVE-2017-9039
VCID-yt2h-eyr6-aaaa	objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.	CVE-2017-7210
VCID-zg4d-pabs-aaap	GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets.	CVE-2017-9038

Vulnerability

Summary

Aliases

VCID-2g37-m7h8-aaan

GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.

CVE-2017-9041

VCID-8avx-j583-aaap

readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

CVE-2017-9043

VCID-j35t-2dc1-aaar

The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.

CVE-2017-7209

VCID-kbr7-tbru-aaaq

readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

CVE-2017-9042

VCID-p85y-jrz7-aaab

GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.

CVE-2017-9040

VCID-pdrv-qfbp-aaan

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

CVE-2017-6966

VCID-rf1t-p1hp-aaar

The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.

CVE-2017-9044

VCID-szyg-h58d-aaas

readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.

CVE-2017-6969

VCID-y3jg-d2j2-aaar

readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.

CVE-2017-6965

VCID-ysqh-yybj-aaac

GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.

CVE-2017-9039

VCID-yt2h-eyr6-aaaa

objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.

CVE-2017-7210

VCID-zg4d-pabs-aaap

GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets.

CVE-2017-9038

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:12.930727+00:00	Arch Linux Importer	Fixing	VCID-y3jg-d2j2-aaar	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.912111+00:00	Arch Linux Importer	Fixing	VCID-pdrv-qfbp-aaan	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.893380+00:00	Arch Linux Importer	Fixing	VCID-szyg-h58d-aaas	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.874859+00:00	Arch Linux Importer	Fixing	VCID-j35t-2dc1-aaar	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.856263+00:00	Arch Linux Importer	Fixing	VCID-yt2h-eyr6-aaaa	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.837563+00:00	Arch Linux Importer	Fixing	VCID-zg4d-pabs-aaap	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.819020+00:00	Arch Linux Importer	Fixing	VCID-ysqh-yybj-aaac	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.800203+00:00	Arch Linux Importer	Fixing	VCID-p85y-jrz7-aaab	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.781558+00:00	Arch Linux Importer	Fixing	VCID-2g37-m7h8-aaan	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.763053+00:00	Arch Linux Importer	Fixing	VCID-kbr7-tbru-aaaq	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.744379+00:00	Arch Linux Importer	Fixing	VCID-8avx-j583-aaap	https://security.archlinux.org/AVG-276	36.0.0
2025-03-28T07:46:12.725706+00:00	Arch Linux Importer	Fixing	VCID-rf1t-p1hp-aaar	https://security.archlinux.org/AVG-276	36.0.0
2024-09-18T02:01:23.221632+00:00	Arch Linux Importer	Fixing	VCID-y3jg-d2j2-aaar	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.195268+00:00	Arch Linux Importer	Fixing	VCID-pdrv-qfbp-aaan	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.168427+00:00	Arch Linux Importer	Fixing	VCID-szyg-h58d-aaas	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.136239+00:00	Arch Linux Importer	Fixing	VCID-j35t-2dc1-aaar	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.110573+00:00	Arch Linux Importer	Fixing	VCID-yt2h-eyr6-aaaa	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.081044+00:00	Arch Linux Importer	Fixing	VCID-zg4d-pabs-aaap	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.060428+00:00	Arch Linux Importer	Fixing	VCID-ysqh-yybj-aaac	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.029061+00:00	Arch Linux Importer	Fixing	VCID-p85y-jrz7-aaab	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:23.004363+00:00	Arch Linux Importer	Fixing	VCID-2g37-m7h8-aaan	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:22.978119+00:00	Arch Linux Importer	Fixing	VCID-kbr7-tbru-aaaq	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:22.952598+00:00	Arch Linux Importer	Fixing	VCID-8avx-j583-aaap	https://security.archlinux.org/AVG-276	34.0.1
2024-09-18T02:01:22.926552+00:00	Arch Linux Importer	Fixing	VCID-rf1t-p1hp-aaar	https://security.archlinux.org/AVG-276	34.0.1
2024-01-03T22:27:33.455326+00:00	Arch Linux Importer	Fixing	VCID-y3jg-d2j2-aaar	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.433690+00:00	Arch Linux Importer	Fixing	VCID-pdrv-qfbp-aaan	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.411192+00:00	Arch Linux Importer	Fixing	VCID-szyg-h58d-aaas	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.391982+00:00	Arch Linux Importer	Fixing	VCID-j35t-2dc1-aaar	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.373052+00:00	Arch Linux Importer	Fixing	VCID-yt2h-eyr6-aaaa	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.354008+00:00	Arch Linux Importer	Fixing	VCID-zg4d-pabs-aaap	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.334779+00:00	Arch Linux Importer	Fixing	VCID-ysqh-yybj-aaac	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.315603+00:00	Arch Linux Importer	Fixing	VCID-p85y-jrz7-aaab	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.296525+00:00	Arch Linux Importer	Fixing	VCID-2g37-m7h8-aaan	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.277472+00:00	Arch Linux Importer	Fixing	VCID-kbr7-tbru-aaaq	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.258391+00:00	Arch Linux Importer	Fixing	VCID-8avx-j583-aaap	https://security.archlinux.org/AVG-276	34.0.0rc1
2024-01-03T22:27:33.239492+00:00	Arch Linux Importer	Fixing	VCID-rf1t-p1hp-aaar	https://security.archlinux.org/AVG-276	34.0.0rc1

2025-03-28T07:46:12.930727+00:00

Arch Linux Importer

Fixing