VulnerableCode Package Details - pkg:alpm/archlinux/binutils@2.30-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-afuk-zmu1-aaae	decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file.	CVE-2017-15025
VCID-cw6f-akx6-aaae	dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit.	CVE-2017-15022
VCID-cz2e-tkm6-aaag	The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.	CVE-2017-17126
VCID-e1s8-nwar-aaad	nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.	CVE-2017-17125
VCID-jb8u-2tyg-aaaj	The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.	CVE-2017-17124
VCID-mfpt-7f3s-aaad	bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.	CVE-2017-15021
VCID-n2pk-dwts-aaaj	elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.	CVE-2017-15996
VCID-ptmx-tcrv-aaan	The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file.	CVE-2017-17123
VCID-r8bp-9ajm-aaad	dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.	CVE-2017-15020
VCID-r8fy-e4p6-aaae	find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.	CVE-2017-15024
VCID-sznd-kpuk-aaar	read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.	CVE-2017-15023
VCID-zjje-2dc6-aaad	The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.	CVE-2017-17122

Vulnerability

Summary

Aliases

VCID-afuk-zmu1-aaae

decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file.

CVE-2017-15025

VCID-cw6f-akx6-aaae

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit.

CVE-2017-15022

VCID-cz2e-tkm6-aaag

The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.

CVE-2017-17126

VCID-e1s8-nwar-aaad

nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.

CVE-2017-17125

VCID-jb8u-2tyg-aaaj

The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.

CVE-2017-17124

VCID-mfpt-7f3s-aaad

bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.

CVE-2017-15021

VCID-n2pk-dwts-aaaj

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.

CVE-2017-15996

VCID-ptmx-tcrv-aaan

The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file.

CVE-2017-17123

VCID-r8bp-9ajm-aaad

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.

CVE-2017-15020

VCID-r8fy-e4p6-aaae

find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.

CVE-2017-15024

VCID-sznd-kpuk-aaar

read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.

CVE-2017-15023

VCID-zjje-2dc6-aaad

The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.

CVE-2017-17122

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:10.456090+00:00	Arch Linux Importer	Fixing	VCID-r8bp-9ajm-aaad	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:10.437286+00:00	Arch Linux Importer	Fixing	VCID-mfpt-7f3s-aaad	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:10.418640+00:00	Arch Linux Importer	Fixing	VCID-cw6f-akx6-aaae	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:10.400013+00:00	Arch Linux Importer	Fixing	VCID-sznd-kpuk-aaar	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:10.381219+00:00	Arch Linux Importer	Fixing	VCID-r8fy-e4p6-aaae	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:10.362562+00:00	Arch Linux Importer	Fixing	VCID-afuk-zmu1-aaae	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:10.343632+00:00	Arch Linux Importer	Fixing	VCID-n2pk-dwts-aaaj	https://security.archlinux.org/AVG-435	36.0.0
2025-03-28T07:46:08.081823+00:00	Arch Linux Importer	Fixing	VCID-zjje-2dc6-aaad	https://security.archlinux.org/AVG-538	36.0.0
2025-03-28T07:46:08.063126+00:00	Arch Linux Importer	Fixing	VCID-ptmx-tcrv-aaan	https://security.archlinux.org/AVG-538	36.0.0
2025-03-28T07:46:08.044263+00:00	Arch Linux Importer	Fixing	VCID-jb8u-2tyg-aaaj	https://security.archlinux.org/AVG-538	36.0.0
2025-03-28T07:46:08.025382+00:00	Arch Linux Importer	Fixing	VCID-e1s8-nwar-aaad	https://security.archlinux.org/AVG-538	36.0.0
2025-03-28T07:46:08.006756+00:00	Arch Linux Importer	Fixing	VCID-cz2e-tkm6-aaag	https://security.archlinux.org/AVG-538	36.0.0
2024-09-18T02:01:19.929067+00:00	Arch Linux Importer	Fixing	VCID-r8bp-9ajm-aaad	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:19.898099+00:00	Arch Linux Importer	Fixing	VCID-mfpt-7f3s-aaad	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:19.872230+00:00	Arch Linux Importer	Fixing	VCID-cw6f-akx6-aaae	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:19.846590+00:00	Arch Linux Importer	Fixing	VCID-sznd-kpuk-aaar	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:19.820876+00:00	Arch Linux Importer	Fixing	VCID-r8fy-e4p6-aaae	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:19.794700+00:00	Arch Linux Importer	Fixing	VCID-afuk-zmu1-aaae	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:19.768930+00:00	Arch Linux Importer	Fixing	VCID-n2pk-dwts-aaaj	https://security.archlinux.org/AVG-435	34.0.1
2024-09-18T02:01:16.735998+00:00	Arch Linux Importer	Fixing	VCID-zjje-2dc6-aaad	https://security.archlinux.org/AVG-538	34.0.1
2024-09-18T02:01:16.714066+00:00	Arch Linux Importer	Fixing	VCID-ptmx-tcrv-aaan	https://security.archlinux.org/AVG-538	34.0.1
2024-09-18T02:01:16.692813+00:00	Arch Linux Importer	Fixing	VCID-jb8u-2tyg-aaaj	https://security.archlinux.org/AVG-538	34.0.1
2024-09-18T02:01:16.666567+00:00	Arch Linux Importer	Fixing	VCID-e1s8-nwar-aaad	https://security.archlinux.org/AVG-538	34.0.1
2024-09-18T02:01:16.647164+00:00	Arch Linux Importer	Fixing	VCID-cz2e-tkm6-aaag	https://security.archlinux.org/AVG-538	34.0.1
2024-01-03T22:27:30.681283+00:00	Arch Linux Importer	Fixing	VCID-r8bp-9ajm-aaad	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:30.659522+00:00	Arch Linux Importer	Fixing	VCID-mfpt-7f3s-aaad	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:30.638005+00:00	Arch Linux Importer	Fixing	VCID-cw6f-akx6-aaae	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:30.616052+00:00	Arch Linux Importer	Fixing	VCID-sznd-kpuk-aaar	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:30.597099+00:00	Arch Linux Importer	Fixing	VCID-r8fy-e4p6-aaae	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:30.578069+00:00	Arch Linux Importer	Fixing	VCID-afuk-zmu1-aaae	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:30.559239+00:00	Arch Linux Importer	Fixing	VCID-n2pk-dwts-aaaj	https://security.archlinux.org/AVG-435	34.0.0rc1
2024-01-03T22:27:28.040063+00:00	Arch Linux Importer	Fixing	VCID-zjje-2dc6-aaad	https://security.archlinux.org/AVG-538	34.0.0rc1
2024-01-03T22:27:28.020432+00:00	Arch Linux Importer	Fixing	VCID-ptmx-tcrv-aaan	https://security.archlinux.org/AVG-538	34.0.0rc1
2024-01-03T22:27:28.000964+00:00	Arch Linux Importer	Fixing	VCID-jb8u-2tyg-aaaj	https://security.archlinux.org/AVG-538	34.0.0rc1
2024-01-03T22:27:27.981583+00:00	Arch Linux Importer	Fixing	VCID-e1s8-nwar-aaad	https://security.archlinux.org/AVG-538	34.0.0rc1
2024-01-03T22:27:27.959214+00:00	Arch Linux Importer	Fixing	VCID-cz2e-tkm6-aaag	https://security.archlinux.org/AVG-538	34.0.0rc1

2025-03-28T07:46:10.456090+00:00

Arch Linux Importer

Fixing