Search for packages
Package details: pkg:alpm/archlinux/binutils@2.29.1-3
purl pkg:alpm/archlinux/binutils@2.29.1-3
Next non-vulnerable version 2.30-1
Latest non-vulnerable version 2.38-1
Risk 4.0
Vulnerabilities affecting this package (12)
Vulnerability Summary Fixed by
VCID-afuk-zmu1-aaae
Aliases:
CVE-2017-15025
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file.
2.30-1
Affected by 0 other vulnerabilities.
VCID-cw6f-akx6-aaae
Aliases:
CVE-2017-15022
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit.
2.30-1
Affected by 0 other vulnerabilities.
VCID-cz2e-tkm6-aaag
Aliases:
CVE-2017-17126
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.
2.30-1
Affected by 0 other vulnerabilities.
VCID-e1s8-nwar-aaad
Aliases:
CVE-2017-17125
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.
2.30-1
Affected by 0 other vulnerabilities.
VCID-jb8u-2tyg-aaaj
Aliases:
CVE-2017-17124
The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.
2.30-1
Affected by 0 other vulnerabilities.
VCID-mfpt-7f3s-aaad
Aliases:
CVE-2017-15021
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.
2.30-1
Affected by 0 other vulnerabilities.
VCID-n2pk-dwts-aaaj
Aliases:
CVE-2017-15996
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.
2.30-1
Affected by 0 other vulnerabilities.
VCID-ptmx-tcrv-aaan
Aliases:
CVE-2017-17123
The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file.
2.30-1
Affected by 0 other vulnerabilities.
VCID-r8bp-9ajm-aaad
Aliases:
CVE-2017-15020
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.
2.30-1
Affected by 0 other vulnerabilities.
VCID-r8fy-e4p6-aaae
Aliases:
CVE-2017-15024
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
2.30-1
Affected by 0 other vulnerabilities.
VCID-sznd-kpuk-aaar
Aliases:
CVE-2017-15023
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.
2.30-1
Affected by 0 other vulnerabilities.
VCID-zjje-2dc6-aaad
Aliases:
CVE-2017-17122
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.
2.30-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T07:46:10.451177+00:00 Arch Linux Importer Affected by VCID-r8bp-9ajm-aaad https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:10.432341+00:00 Arch Linux Importer Affected by VCID-mfpt-7f3s-aaad https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:10.413745+00:00 Arch Linux Importer Affected by VCID-cw6f-akx6-aaae https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:10.395097+00:00 Arch Linux Importer Affected by VCID-sznd-kpuk-aaar https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:10.376319+00:00 Arch Linux Importer Affected by VCID-r8fy-e4p6-aaae https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:10.357632+00:00 Arch Linux Importer Affected by VCID-afuk-zmu1-aaae https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:10.338786+00:00 Arch Linux Importer Affected by VCID-n2pk-dwts-aaaj https://security.archlinux.org/AVG-435 36.0.0
2025-03-28T07:46:08.076889+00:00 Arch Linux Importer Affected by VCID-zjje-2dc6-aaad https://security.archlinux.org/AVG-538 36.0.0
2025-03-28T07:46:08.058185+00:00 Arch Linux Importer Affected by VCID-ptmx-tcrv-aaan https://security.archlinux.org/AVG-538 36.0.0
2025-03-28T07:46:08.039177+00:00 Arch Linux Importer Affected by VCID-jb8u-2tyg-aaaj https://security.archlinux.org/AVG-538 36.0.0
2025-03-28T07:46:08.020463+00:00 Arch Linux Importer Affected by VCID-e1s8-nwar-aaad https://security.archlinux.org/AVG-538 36.0.0
2025-03-28T07:46:08.001815+00:00 Arch Linux Importer Affected by VCID-cz2e-tkm6-aaag https://security.archlinux.org/AVG-538 36.0.0
2024-09-18T02:01:19.924103+00:00 Arch Linux Importer Affected by VCID-r8bp-9ajm-aaad https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:19.892813+00:00 Arch Linux Importer Affected by VCID-mfpt-7f3s-aaad https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:19.867032+00:00 Arch Linux Importer Affected by VCID-cw6f-akx6-aaae https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:19.841462+00:00 Arch Linux Importer Affected by VCID-sznd-kpuk-aaar https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:19.815670+00:00 Arch Linux Importer Affected by VCID-r8fy-e4p6-aaae https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:19.789641+00:00 Arch Linux Importer Affected by VCID-afuk-zmu1-aaae https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:19.763823+00:00 Arch Linux Importer Affected by VCID-n2pk-dwts-aaaj https://security.archlinux.org/AVG-435 34.0.1
2024-09-18T02:01:16.731403+00:00 Arch Linux Importer Affected by VCID-zjje-2dc6-aaad https://security.archlinux.org/AVG-538 34.0.1
2024-09-18T02:01:16.709500+00:00 Arch Linux Importer Affected by VCID-ptmx-tcrv-aaan https://security.archlinux.org/AVG-538 34.0.1
2024-09-18T02:01:16.688200+00:00 Arch Linux Importer Affected by VCID-jb8u-2tyg-aaaj https://security.archlinux.org/AVG-538 34.0.1
2024-09-18T02:01:16.661990+00:00 Arch Linux Importer Affected by VCID-e1s8-nwar-aaad https://security.archlinux.org/AVG-538 34.0.1
2024-09-18T02:01:16.641999+00:00 Arch Linux Importer Affected by VCID-cz2e-tkm6-aaag https://security.archlinux.org/AVG-538 34.0.1
2024-01-03T22:27:30.676557+00:00 Arch Linux Importer Affected by VCID-r8bp-9ajm-aaad https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:30.654855+00:00 Arch Linux Importer Affected by VCID-mfpt-7f3s-aaad https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:30.633291+00:00 Arch Linux Importer Affected by VCID-cw6f-akx6-aaae https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:30.611261+00:00 Arch Linux Importer Affected by VCID-sznd-kpuk-aaar https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:30.592451+00:00 Arch Linux Importer Affected by VCID-r8fy-e4p6-aaae https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:30.573413+00:00 Arch Linux Importer Affected by VCID-afuk-zmu1-aaae https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:30.554549+00:00 Arch Linux Importer Affected by VCID-n2pk-dwts-aaaj https://security.archlinux.org/AVG-435 34.0.0rc1
2024-01-03T22:27:28.035317+00:00 Arch Linux Importer Affected by VCID-zjje-2dc6-aaad https://security.archlinux.org/AVG-538 34.0.0rc1
2024-01-03T22:27:28.015560+00:00 Arch Linux Importer Affected by VCID-ptmx-tcrv-aaan https://security.archlinux.org/AVG-538 34.0.0rc1
2024-01-03T22:27:27.996355+00:00 Arch Linux Importer Affected by VCID-jb8u-2tyg-aaaj https://security.archlinux.org/AVG-538 34.0.0rc1
2024-01-03T22:27:27.976813+00:00 Arch Linux Importer Affected by VCID-e1s8-nwar-aaad https://security.archlinux.org/AVG-538 34.0.0rc1
2024-01-03T22:27:27.954563+00:00 Arch Linux Importer Affected by VCID-cz2e-tkm6-aaag https://security.archlinux.org/AVG-538 34.0.0rc1