Search for packages
| purl | pkg:deb/debian/binutils@2.18.1~cvs20080103-7 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-154v-1e42-y3aj
Aliases: CVE-2020-35494 |
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34. |
Affected by 1 other vulnerability. |
|
VCID-1b8x-h4uw-wqds
Aliases: CVE-2018-20002 |
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. |
Affected by 1 other vulnerability. |
|
VCID-1jj7-za2g-1bc7
Aliases: CVE-2017-9752 |
Affected by 51 other vulnerabilities. |
|
|
VCID-1jv4-za9r-a7bm
Aliases: CVE-2017-8393 |
Affected by 145 other vulnerabilities. |
|
|
VCID-1meb-tpzz-gydb
Aliases: CVE-2017-17080 |
Affected by 51 other vulnerabilities. |
|
|
VCID-1wb4-czdw-d7g3
Aliases: CVE-2016-4493 |
Affected by 159 other vulnerabilities. |
|
|
VCID-2bxb-scqx-63d1
Aliases: CVE-2017-12448 |
Affected by 51 other vulnerabilities. |
|
|
VCID-2c1w-zkj9-b7cm
Aliases: CVE-2018-19932 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. |
Affected by 1 other vulnerability. |
|
VCID-2e2j-2rzq-4yb3
Aliases: CVE-2018-7208 |
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. |
Affected by 51 other vulnerabilities. |
|
VCID-2f7d-36ey-g3am
Aliases: CVE-2019-17450 |
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. |
Affected by 1 other vulnerability. |
|
VCID-2fbg-8d67-sfa7
Aliases: CVE-2017-14529 |
Affected by 51 other vulnerabilities. |
|
|
VCID-2g9g-vuva-cfex
Aliases: CVE-2017-14333 |
Affected by 51 other vulnerabilities. |
|
|
VCID-2j2p-p8rg-87bb
Aliases: CVE-2017-12458 |
Affected by 51 other vulnerabilities. |
|
|
VCID-2rtk-pzzs-9qfy
Aliases: CVE-2017-9755 |
Affected by 51 other vulnerabilities. |
|
|
VCID-32gr-a4tq-vubt
Aliases: CVE-2018-18607 |
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 1 other vulnerability. |
|
VCID-32ws-47v3-2qgq
Aliases: CVE-2017-9039 |
Affected by 51 other vulnerabilities. |
|
|
VCID-39py-fyqs-ukgy
Aliases: CVE-2014-8503 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-3v3s-quza-8udy
Aliases: CVE-2017-7225 |
Affected by 159 other vulnerabilities. |
|
|
VCID-4bdx-vhga-zub9
Aliases: CVE-2016-4487 |
Affected by 159 other vulnerabilities. |
|
|
VCID-4rkb-tspe-4fak
Aliases: CVE-2019-9077 |
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. |
Affected by 1 other vulnerability. |
|
VCID-4ues-ekzv-euaz
Aliases: CVE-2017-15021 |
Affected by 51 other vulnerabilities. |
|
|
VCID-4zrs-tuxd-7ucv
Aliases: CVE-2017-8396 |
Affected by 145 other vulnerabilities. |
|
|
VCID-57mp-p4wt-zyfj
Aliases: CVE-2017-9751 |
Affected by 51 other vulnerabilities. |
|
|
VCID-5fgj-3b9a-z3ac
Aliases: CVE-2017-7301 |
Affected by 159 other vulnerabilities. |
|
|
VCID-5hee-2c1f-mkht
Aliases: CVE-2017-14939 |
Affected by 51 other vulnerabilities. |
|
|
VCID-5pe1-m8sc-d7gy
Aliases: CVE-2017-9954 |
Affected by 51 other vulnerabilities. |
|
|
VCID-5smt-gauc-4udm
Aliases: CVE-2018-7570 |
The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy. |
Affected by 51 other vulnerabilities. |
|
VCID-6255-37w5-d7ah
Aliases: CVE-2017-12452 |
Affected by 51 other vulnerabilities. |
|
|
VCID-64nk-rdem-9kck
Aliases: CVE-2020-35496 |
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. |
Affected by 1 other vulnerability. |
|
VCID-6dym-kzef-eqdq
Aliases: CVE-2017-12459 |
Affected by 51 other vulnerabilities. |
|
|
VCID-6jnq-8qs8-tqfb
Aliases: CVE-2018-10534 |
The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c. |
Affected by 51 other vulnerabilities. |
|
VCID-788a-szy3-jkfy
Aliases: CVE-2017-12457 |
Affected by 51 other vulnerabilities. |
|
|
VCID-7c3u-62vx-tuek
Aliases: CVE-2020-16591 |
binutils: invalid read in process_symbol_table could result in DoS |
Affected by 1 other vulnerability. |
|
VCID-7pw1-rt7u-w3c8
Aliases: CVE-2017-13710 |
Affected by 51 other vulnerabilities. |
|
|
VCID-7u2b-ndas-rffh
Aliases: CVE-2019-12972 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. |
Affected by 1 other vulnerability. |
|
VCID-7x9d-q39j-8bbn
Aliases: CVE-2014-8485 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-7ybj-81sb-tqgg
Aliases: CVE-2017-14938 |
Affected by 51 other vulnerabilities. |
|
|
VCID-7z3u-h6qj-rbc2
Aliases: CVE-2017-9746 |
Affected by 51 other vulnerabilities. |
|
|
VCID-84cg-nxbf-bbd8
Aliases: CVE-2018-12697 |
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. |
Affected by 1 other vulnerability. |
|
VCID-89p5-ut89-zye8
Aliases: CVE-2017-17121 |
Affected by 51 other vulnerabilities. |
|
|
VCID-8apw-uhbe-17cz
Aliases: CVE-2017-14934 |
binutils: Infinite loop in process_debug_info |
Affected by 51 other vulnerabilities. |
|
VCID-8eev-1h3f-pqcg
Aliases: CVE-2017-7210 |
Affected by 145 other vulnerabilities. |
|
|
VCID-8u67-78xq-1ube
Aliases: CVE-2021-37322 |
binutils: use-after-free in c++filt in cplus-dem.c |
Affected by 159 other vulnerabilities. |
|
VCID-8xw3-wtt4-hygr
Aliases: CVE-2017-9041 |
Affected by 51 other vulnerabilities. |
|
|
VCID-92k4-u75a-hydv
Aliases: CVE-2017-17125 |
Affected by 51 other vulnerabilities. |
|
|
VCID-9e7m-qwu9-ukac
Aliases: CVE-2017-12967 |
Affected by 51 other vulnerabilities. |
|
|
VCID-9feb-e9m1-1fb1
Aliases: CVE-2019-1010180 |
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet. |
Affected by 1 other vulnerability. |
|
VCID-9k6j-s5z9-7kg6
Aliases: CVE-2014-8504 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-9kt2-wj2a-z7au
Aliases: CVE-2017-9750 |
Affected by 51 other vulnerabilities. |
|
|
VCID-9sgw-z9yn-rkc2
Aliases: CVE-2017-8421 |
Affected by 145 other vulnerabilities. |
|
|
VCID-a2nu-e3m9-m7cy
Aliases: CVE-2017-9042 |
Affected by 51 other vulnerabilities. |
|
|
VCID-a2t4-a8gy-cqay
Aliases: CVE-2017-8398 |
Affected by 145 other vulnerabilities. |
|
|
VCID-amew-4knw-wfhe
Aliases: CVE-2017-9038 |
Affected by 51 other vulnerabilities. |
|
|
VCID-aq2c-t792-sbc1
Aliases: CVE-2017-14932 |
Affected by 51 other vulnerabilities. |
|
|
VCID-ards-3s4r-7kck
Aliases: CVE-2017-17122 |
Affected by 51 other vulnerabilities. |
|
|
VCID-auhd-h4mq-tfcp
Aliases: CVE-2017-16829 |
binutils: Out-of-bounds read in the _bfd_elf_parse_gnu_properties function |
Affected by 51 other vulnerabilities. |
|
VCID-axfy-h8p2-rkc1
Aliases: CVE-2018-19931 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted. |
Affected by 1 other vulnerability. |
|
VCID-ayqd-jkve-6fh5
Aliases: CVE-2020-16590 |
binutils: double free vulnerability in process_symbol_table could result in DoS |
Affected by 1 other vulnerability. |
|
VCID-bacv-q3na-kqa3
Aliases: CVE-2017-7614 |
Affected by 145 other vulnerabilities. |
|
|
VCID-bd6s-caqx-2yf8
Aliases: CVE-2016-4492 |
Affected by 159 other vulnerabilities. |
|
|
VCID-bh7n-1973-yqer
Aliases: CVE-2019-9071 |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. |
Affected by 1 other vulnerability. |
|
VCID-bzax-85wn-hugw
Aliases: CVE-2017-6965 |
Affected by 145 other vulnerabilities. |
|
|
VCID-c3xb-cvac-tbb9
Aliases: CVE-2020-35493 |
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34. |
Affected by 1 other vulnerability. |
|
VCID-c9ka-2dkv-8qb9
Aliases: CVE-2017-17126 |
binutils: Invalid memory access in the load_debug_section function |
Affected by 51 other vulnerabilities. |
|
VCID-ccg8-c7g9-wugp
Aliases: CVE-2017-16831 |
Affected by 51 other vulnerabilities. |
|
|
VCID-ckkh-rwnk-1fgt
Aliases: CVE-2020-21490 |
An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled. |
Affected by 1 other vulnerability. |
|
VCID-cr2t-5zba-33a8
Aliases: CVE-2017-7303 |
binutils: Out-of-bounds read in find_link function |
Affected by 159 other vulnerabilities. |
|
VCID-cw87-v7m5-2fda
Aliases: CVE-2017-12455 |
Affected by 51 other vulnerabilities. |
|
|
VCID-d7n6-dvzz-7qhy
Aliases: CVE-2017-14974 |
binutils: NULL pointer dereference in the *_get_synthetic_symtab functions |
Affected by 51 other vulnerabilities. |
|
VCID-dacv-8ws1-zfgh
Aliases: CVE-2020-35495 |
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34. |
Affected by 1 other vulnerability. |
|
VCID-dcek-dh73-a7hc
Aliases: CVE-2017-12454 |
Affected by 51 other vulnerabilities. |
|
|
VCID-dfbz-jn1a-5fh8
Aliases: CVE-2017-14933 |
binutils: Infinite loop in read_formatted_entries |
Affected by 51 other vulnerabilities. |
|
VCID-dkdp-hwnx-bbdt
Aliases: CVE-2017-14940 |
Affected by 51 other vulnerabilities. |
|
|
VCID-dszw-ch9u-vbh1
Aliases: CVE-2017-9044 |
Affected by 51 other vulnerabilities. |
|
|
VCID-dta7-pp63-rka9
Aliases: CVE-2017-9749 |
Affected by 51 other vulnerabilities. |
|
|
VCID-duku-nh7d-9qbf
Aliases: CVE-2017-6966 |
Affected by 145 other vulnerabilities. |
|
|
VCID-dws6-gszg-q7bs
Aliases: CVE-2016-4490 |
Affected by 159 other vulnerabilities. |
|
|
VCID-dznj-bzqg-hqgz
Aliases: CVE-2019-9073 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c. |
Affected by 1 other vulnerability. |
|
VCID-e4up-vga2-83ec
Aliases: CVE-2018-10535 |
The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy. |
Affected by 51 other vulnerabilities. |
|
VCID-ecpp-k4fh-p3ef
Aliases: CVE-2017-7224 |
Affected by 159 other vulnerabilities. |
|
|
VCID-emmf-9xc6-6yhf
Aliases: CVE-2017-12453 |
Affected by 51 other vulnerabilities. |
|
|
VCID-evcc-x7aj-7fhe
Aliases: CVE-2017-7227 |
Affected by 159 other vulnerabilities. |
|
|
VCID-f3he-wwrm-zkhg
Aliases: CVE-2017-15024 |
Affected by 51 other vulnerabilities. |
|
|
VCID-f4fb-k8cq-mug1
Aliases: CVE-2017-9743 |
binutils: Global buffer over-read in print_insn_score32 function while disassembling corrupt score binary |
Affected by 51 other vulnerabilities. |
|
VCID-fcpb-8hbu-yyaf
Aliases: CVE-2017-12449 |
Affected by 51 other vulnerabilities. |
|
|
VCID-fdp2-bcd5-wbdp
Aliases: CVE-2018-17360 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. |
Affected by 1 other vulnerability. |
|
VCID-fpjx-p33y-x7bx
Aliases: CVE-2017-16832 |
Affected by 51 other vulnerabilities. |
|
|
VCID-fszg-2exd-qqe2
Aliases: CVE-2019-9074 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. |
Affected by 1 other vulnerability. |
|
VCID-ftgn-k8tj-7qdm
Aliases: CVE-2017-7300 |
Affected by 159 other vulnerabilities. |
|
|
VCID-fudc-gahm-wueu
Aliases: CVE-2017-9043 |
binutils: Shift exponent too large for type unsigned long in readelf.c |
Affected by 51 other vulnerabilities. |
|
VCID-g38s-maeb-fye3
Aliases: CVE-2018-18700 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. |
Affected by 1 other vulnerability. |
|
VCID-g3rz-6sm8-a7c9
Aliases: CVE-2017-14129 |
Affected by 51 other vulnerabilities. |
|
|
VCID-g6xt-s17j-v7b2
Aliases: CVE-2017-17124 |
Affected by 51 other vulnerabilities. |
|
|
VCID-g9cx-a8ub-fbh7
Aliases: CVE-2017-15020 |
Affected by 51 other vulnerabilities. |
|
|
VCID-gb8c-4zsr-cuh1
Aliases: CVE-2018-10373 |
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new. |
Affected by 51 other vulnerabilities. |
|
VCID-gbkx-aktq-8qen
Aliases: CVE-2018-17359 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. |
Affected by 1 other vulnerability. |
|
VCID-gqgn-2pxf-uyfp
Aliases: CVE-2017-9747 |
Affected by 51 other vulnerabilities. |
|
|
VCID-gtpa-nbej-q3gx
Aliases: CVE-2020-16599 |
binutils: Null Pointer Dereference in _bfd_elf_get_symbol_version_string could result in DoS |
Affected by 1 other vulnerability. |
|
VCID-gvp6-dxsd-jqgn
Aliases: CVE-2017-7302 |
Affected by 159 other vulnerabilities. |
|
|
VCID-gw83-mf7x-afdf
Aliases: CVE-2017-15023 |
binutils: NULL pointer dereference in read_formatted_entries |
Affected by 51 other vulnerabilities. |
|
VCID-ha8c-gs26-yyff
Aliases: CVE-2017-16826 |
Affected by 51 other vulnerabilities. |
|
|
VCID-hjc9-ajp2-h7eg
Aliases: CVE-2017-15996 |
Affected by 51 other vulnerabilities. |
|
|
VCID-hm8k-gmqx-f7em
Aliases: CVE-2018-12699 |
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. |
Affected by 1 other vulnerability. |
|
VCID-hnud-hr6m-vucc
Aliases: CVE-2016-2226 |
Affected by 159 other vulnerabilities. |
|
|
VCID-hvsf-5ebq-h3a8
Aliases: CVE-2018-6323 |
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
Affected by 51 other vulnerabilities. |
|
VCID-hvzr-uymh-1uck
Aliases: CVE-2017-14130 |
Affected by 51 other vulnerabilities. |
|
|
VCID-j4ue-gs9t-rfbt
Aliases: CVE-2018-7642 |
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy. |
Affected by 51 other vulnerabilities. |
|
VCID-j9b1-pevh-5fdp
Aliases: CVE-2018-9138 |
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. |
Affected by 1 other vulnerability. |
|
VCID-jc8q-cvdc-9ugh
Aliases: CVE-2016-4488 |
Affected by 159 other vulnerabilities. |
|
|
VCID-jdzs-93b5-37da
Aliases: CVE-2017-7226 |
Affected by 159 other vulnerabilities. |
|
|
VCID-jgcn-zpaw-dqdb
Aliases: CVE-2018-18606 |
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 1 other vulnerability. |
|
VCID-jjr3-ukbq-z3dk
Aliases: CVE-2017-7223 |
Affected by 159 other vulnerabilities. |
|
|
VCID-jqu5-zyxz-jfbk
Aliases: CVE-2019-9070 |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. |
Affected by 1 other vulnerability. |
|
VCID-kasr-drgt-1bc2
Aliases: CVE-2020-16593 |
binutils: Null Pointer Dereference in scan_unit_for_symbols could result in DoS |
Affected by 1 other vulnerability. |
|
VCID-knz8-626a-gkgy
Aliases: CVE-2018-17358 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. |
Affected by 1 other vulnerability. |
|
VCID-kvkq-mjg5-vbct
Aliases: CVE-2017-12451 |
Affected by 51 other vulnerabilities. |
|
|
VCID-kxmh-pkem-tkga
Aliases: CVE-2018-17794 |
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. |
Affected by 1 other vulnerability. |
|
VCID-kzje-xs44-tbfn
Aliases: CVE-2017-14128 |
Affected by 51 other vulnerabilities. |
|
|
VCID-m3c8-r7kv-ukbj
Aliases: CVE-2019-14250 |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. |
Affected by 1 other vulnerability. |
|
VCID-m5q7-1ehk-jygx
Aliases: CVE-2017-8394 |
Affected by 145 other vulnerabilities. |
|
|
VCID-mde5-fknz-b7bg
Aliases: CVE-2017-9753 |
Affected by 51 other vulnerabilities. |
|
|
VCID-mhg3-mma8-yfcy
Aliases: CVE-2017-8395 |
Affected by 145 other vulnerabilities. |
|
|
VCID-n5g5-suub-wqaz
Aliases: CVE-2018-13033 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. |
Affected by 51 other vulnerabilities. |
|
VCID-n8ds-dnam-cya6
Aliases: CVE-2017-14745 |
binutils: Integer overflow in the *_get_synthetic_symtab functions |
Affected by 51 other vulnerabilities. |
|
VCID-n8zv-qd9x-x3fg
Aliases: CVE-2014-8502 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-nftu-4pqe-ebgs
Aliases: CVE-2018-17985 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters. |
Affected by 1 other vulnerability. |
|
VCID-np74-65rf-7bd6
Aliases: CVE-2017-9040 |
Affected by 51 other vulnerabilities. |
|
|
VCID-ntee-cbpp-hbd7
Aliases: CVE-2018-7643 |
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump. |
Affected by 51 other vulnerabilities. |
|
VCID-ntje-3bs7-8bhe
Aliases: CVE-2017-16827 |
Affected by 51 other vulnerabilities. |
|
|
VCID-nwr5-cam6-5ke5
Aliases: CVE-2019-14444 |
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. |
Affected by 1 other vulnerability. |
|
VCID-q2hu-qb4s-ykfw
Aliases: CVE-2018-18309 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. |
Affected by 1 other vulnerability. |
|
VCID-q9vn-bdkd-6fc9
Aliases: CVE-2017-9748 |
Affected by 51 other vulnerabilities. |
|
|
VCID-qd44-zjab-pbfx
Aliases: CVE-2017-15022 |
Affected by 51 other vulnerabilities. |
|
|
VCID-qms1-r2wv-9qh5
Aliases: CVE-2017-9742 |
Affected by 51 other vulnerabilities. |
|
|
VCID-qqkx-9usm-k7hn
Aliases: CVE-2017-9744 |
Affected by 51 other vulnerabilities. |
|
|
VCID-qwh5-x975-abgn
Aliases: CVE-2018-18701 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. |
Affected by 1 other vulnerability. |
|
VCID-qym6-c5zv-a3ax
Aliases: CVE-2014-9939 |
Affected by 159 other vulnerabilities. |
|
|
VCID-qypb-dn7r-xqax
Aliases: CVE-2016-4491 |
Affected by 145 other vulnerabilities. |
|
|
VCID-r4gb-tvjb-kfgz
Aliases: CVE-2017-6969 |
Affected by 145 other vulnerabilities. |
|
|
VCID-rzzp-qdrk-u7dv
Aliases: CVE-2017-12799 |
Affected by 51 other vulnerabilities. |
|
|
VCID-sbp8-bzy5-gfgu
Aliases: CVE-2012-3509 |
Affected by 188 other vulnerabilities. |
|
|
VCID-sf5w-nd7d-3bc5
Aliases: CVE-2018-1000876 |
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f. |
Affected by 1 other vulnerability. |
|
VCID-sh99-zxr9-w3ch
Aliases: CVE-2018-6543 |
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
Affected by 51 other vulnerabilities. |
|
VCID-shrz-cy32-67hq
Aliases: CVE-2014-8738 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-t26x-g3fq-uufa
Aliases: CVE-2018-18484 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. |
Affected by 1 other vulnerability. |
|
VCID-t6n3-n1ht-n7hv
Aliases: CVE-2018-20623 |
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file. |
Affected by 1 other vulnerability. |
|
VCID-tcs8-5b4f-myag
Aliases: CVE-2020-35342 |
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. |
Affected by 1 other vulnerability. |
|
VCID-tdvy-s2fk-s3c5
Aliases: CVE-2018-6759 |
The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file. |
Affected by 51 other vulnerabilities. |
|
VCID-te8e-etqt-gkfb
Aliases: CVE-2017-8397 |
Affected by 145 other vulnerabilities. |
|
|
VCID-tejf-n54f-e3hq
Aliases: CVE-2017-16830 |
binutils: Segmentation fault in the print_gnu_property_note function |
Affected by 51 other vulnerabilities. |
|
VCID-tjng-3nf1-w3bj
Aliases: CVE-2017-15938 |
Affected by 51 other vulnerabilities. |
|
|
VCID-tqyj-utyc-ebbm
Aliases: CVE-2018-18483 |
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. |
Affected by 1 other vulnerability. |
|
VCID-tt6x-wgk7-6bhz
Aliases: CVE-2017-15025 |
Affected by 51 other vulnerabilities. |
|
|
VCID-u2jd-1r7w-cffx
Aliases: CVE-2017-16828 |
Affected by 51 other vulnerabilities. |
|
|
VCID-uagp-pfff-m7et
Aliases: CVE-2017-9955 |
binutils: heap buffer over-read in get_build_id function |
Affected by 51 other vulnerabilities. |
|
VCID-ubrh-w2e3-yua8
Aliases: CVE-2014-8484 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-ubzj-mm1c-5qgv
Aliases: CVE-2018-20671 |
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size. |
Affected by 1 other vulnerability. |
|
VCID-uf1e-t1f3-nugm
Aliases: CVE-2017-9754 |
Affected by 51 other vulnerabilities. |
|
|
VCID-umbs-vfwn-5ueb
Aliases: CVE-2017-9756 |
Affected by 51 other vulnerabilities. |
|
|
VCID-unek-ax7k-f3f5
Aliases: CVE-2018-20651 |
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 1 other vulnerability. |
|
VCID-uqhv-8sk5-1yg1
Aliases: CVE-2017-7304 |
binutils: Out-of-bounds read in copy_special_section_fields function |
Affected by 159 other vulnerabilities. |
|
VCID-uujs-bv54-43gd
Aliases: CVE-2018-12934 |
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt. |
Affected by 1 other vulnerability. |
|
VCID-vm5s-gdzz-u3dd
Aliases: CVE-2020-35507 |
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. |
Affected by 1 other vulnerability. |
|
VCID-vuvx-dsep-23br
Aliases: CVE-2019-9075 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. |
Affected by 1 other vulnerability. |
|
VCID-w26f-61da-fkcm
Aliases: CVE-2018-7568 |
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm. |
Affected by 51 other vulnerabilities. |
|
VCID-w4ss-hn5b-sbaw
Aliases: CVE-2017-7209 |
Affected by 145 other vulnerabilities. |
|
|
VCID-waub-ezf2-8be4
Aliases: CVE-2016-6131 |
Affected by 159 other vulnerabilities. |
|
|
VCID-wbyz-6v8g-cqeq
Aliases: CVE-2020-16592 |
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. |
Affected by 1 other vulnerability. |
|
VCID-wqrn-7agj-xqdz
Aliases: CVE-2018-8945 |
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. |
Affected by 51 other vulnerabilities. |
|
VCID-wvpg-mprm-7qd5
Aliases: CVE-2017-15225 |
Affected by 51 other vulnerabilities. |
|
|
VCID-x3u2-89n4-suah
Aliases: CVE-2018-10372 |
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf. |
Affected by 51 other vulnerabilities. |
|
VCID-xbte-thft-mfcb
Aliases: CVE-2018-18605 |
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 1 other vulnerability. |
|
VCID-xdd8-8u5g-cqa9
Aliases: CVE-2018-7569 |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm. |
Affected by 51 other vulnerabilities. |
|
VCID-xneh-rnp3-fua5
Aliases: CVE-2018-12698 |
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. |
Affected by 1 other vulnerability. |
|
VCID-xpff-nenm-13fe
Aliases: CVE-2021-20294 |
binutils: stack buffer overflow WRITE may lead to a DoS via a crafted ELF |
Affected by 37 other vulnerabilities. |
|
VCID-xsjf-jrzx-6ba8
Aliases: CVE-2014-8737 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-y83n-77gx-mqd7
Aliases: CVE-2019-17451 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. |
Affected by 1 other vulnerability. |
|
VCID-yb4a-uts1-aqgd
Aliases: CVE-2017-12450 |
Affected by 51 other vulnerabilities. |
|
|
VCID-ypgu-mrf2-ffhn
Aliases: CVE-2017-14729 |
binutils: Heap buffer overflow in the *_get_synthetic_symtab functions |
Affected by 51 other vulnerabilities. |
|
VCID-yvr5-21kz-gbaq
Aliases: CVE-2018-6872 |
binutils: out of bounds read in elf_parse_notes function in elf.c file in libbfd library |
Affected by 51 other vulnerabilities. |
|
VCID-ywdh-w222-tkd8
Aliases: CVE-2017-9745 |
Affected by 51 other vulnerabilities. |
|
|
VCID-z34e-jwrd-2kbb
Aliases: CVE-2017-13757 |
binutils: heap-based buffer over-read in elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c |
Affected by 51 other vulnerabilities. |
|
VCID-z3wp-s5t7-suha
Aliases: CVE-2017-17123 |
Affected by 51 other vulnerabilities. |
|
|
VCID-z5u9-cz1p-3kcy
Aliases: CVE-2016-4489 |
Affected by 159 other vulnerabilities. |
|
|
VCID-z6d9-zrpx-k3f4
Aliases: CVE-2017-14930 |
Affected by 51 other vulnerabilities. |
|
|
VCID-za6d-2nhn-yuga
Aliases: CVE-2014-8501 |
Affected by 188 other vulnerabilities. Affected by 180 other vulnerabilities. |
|
|
VCID-zbp8-3gk1-nbfj
Aliases: CVE-2020-19724 |
A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command. |
Affected by 1 other vulnerability. |
|
VCID-zwmb-m771-jkck
Aliases: CVE-2017-12456 |
Affected by 51 other vulnerabilities. |
|
|
VCID-zz7w-h5vv-mfg6
Aliases: CVE-2017-7299 |
Affected by 159 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-qrux-vv54-53fw | c++filt format string flaw |
CVE-2008-2310
|