Search for packages
| purl | pkg:deb/ubuntu/binutils@2.17.20070426cvs-2ubuntu2 |
| Next non-vulnerable version | 2.34-6ubuntu1.3 |
| Latest non-vulnerable version | 2.34-6ubuntu1.3 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-1bbj-nemd-aaag
Aliases: CVE-2018-6323 |
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
Affected by 21 other vulnerabilities. |
|
VCID-1fyn-y5rz-aaag
Aliases: CVE-2017-9743 |
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-1uw9-7g8r-aaan
Aliases: CVE-2016-4490 |
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths. |
Affected by 161 other vulnerabilities. |
|
VCID-26r3-dg4f-aaan
Aliases: CVE-2018-7570 |
The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy. |
Affected by 111 other vulnerabilities. |
|
VCID-274n-scdf-aaaf
Aliases: CVE-2018-20002 |
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm. |
Affected by 21 other vulnerabilities. |
|
VCID-2bht-pamc-aaab
Aliases: CVE-2017-14939 |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte. |
Affected by 21 other vulnerabilities. |
|
VCID-2fcc-149g-aaaq
Aliases: CVE-2018-7568 |
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm. |
Affected by 111 other vulnerabilities. |
|
VCID-2g37-m7h8-aaan
Aliases: CVE-2017-9041 |
GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c. |
Affected by 21 other vulnerabilities. |
|
VCID-2qs6-kzak-aaap
Aliases: CVE-2017-12967 |
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary. |
Affected by 152 other vulnerabilities. |
|
VCID-2v1f-u9w1-aaaa
Aliases: CVE-2017-12799 |
The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. |
Affected by 131 other vulnerabilities. |
|
VCID-2ze7-8hry-aaaq
Aliases: CVE-2017-7300 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. |
Affected by 169 other vulnerabilities. |
|
VCID-372n-zvjn-aaag
Aliases: CVE-2017-8394 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. |
Affected by 21 other vulnerabilities. |
|
VCID-3b2a-1h7m-aaaa
Aliases: CVE-2017-14128 |
The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. |
Affected by 131 other vulnerabilities. |
|
VCID-3qu6-xgnf-aaan
Aliases: CVE-2018-18484 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. |
Affected by 21 other vulnerabilities. |
|
VCID-3w89-33bw-aaac
Aliases: CVE-2018-13033 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. |
Affected by 21 other vulnerabilities. |
|
VCID-44pp-cr83-aaah
Aliases: CVE-2018-6872 |
The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment. |
Affected by 111 other vulnerabilities. |
|
VCID-48bs-v5ps-aaag
Aliases: CVE-2014-8738 |
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive. |
Affected by 173 other vulnerabilities. |
|
VCID-497e-17m7-aaaa
Aliases: CVE-2017-14934 |
process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure. |
Affected by 21 other vulnerabilities. |
|
VCID-4er8-uqcr-aaae
Aliases: CVE-2017-8398 |
dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash. |
Affected by 21 other vulnerabilities. |
|
VCID-4mae-qgmv-aaad
Aliases: CVE-2020-35495 |
There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34. |
Affected by 3 other vulnerabilities. |
|
VCID-4rja-6qd3-aaas
Aliases: CVE-2017-9751 |
opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-4tg5-cm1x-aaar
Aliases: CVE-2018-18701 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. |
Affected by 21 other vulnerabilities. |
|
VCID-4tq8-y4xu-aaaa
Aliases: CVE-2019-9077 |
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-4tvf-z4md-aaaj
Aliases: CVE-2017-8421 |
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this. |
Affected by 21 other vulnerabilities. |
|
VCID-4usr-vqns-aaac
Aliases: CVE-2017-14932 |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-4uvu-dhem-aaap
Aliases: CVE-2017-14930 |
Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. |
Affected by 128 other vulnerabilities. |
|
VCID-53mw-7ztp-aaac
Aliases: CVE-2017-16827 |
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. |
Affected by 121 other vulnerabilities. |
|
VCID-565w-hvaz-aaag
Aliases: CVE-2018-20673 |
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm. |
Affected by 2 other vulnerabilities. |
|
VCID-5jyx-ucn3-aaaa
Aliases: CVE-2017-7226 |
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well. |
Affected by 21 other vulnerabilities. |
|
VCID-5yc4-85jv-aaan
Aliases: CVE-2017-9955 |
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program. |
Affected by 153 other vulnerabilities. |
|
VCID-5yrt-uw3p-aaaf
Aliases: CVE-2018-17985 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters. |
Affected by 21 other vulnerabilities. |
|
VCID-6xap-414v-aaan
Aliases: CVE-2017-12455 |
The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. |
Affected by 131 other vulnerabilities. |
|
VCID-75u2-yt78-aaas
Aliases: CVE-2017-7301 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash. |
Affected by 169 other vulnerabilities. |
|
VCID-7gbv-a6j8-aaab
Aliases: CVE-2017-12459 |
The bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted mach-o file. |
Affected by 131 other vulnerabilities. |
|
VCID-7ygr-zrh3-aaaa
Aliases: CVE-2019-17451 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. |
Affected by 8 other vulnerabilities. |
|
VCID-824m-98s7-aaah
Aliases: CVE-2018-17358 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-84rr-x3nc-aaaf
Aliases: CVE-2017-9747 |
The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug. |
Affected by 21 other vulnerabilities. |
|
VCID-875y-epce-aaaj
Aliases: CVE-2018-1000876 |
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f. |
Affected by 21 other vulnerabilities. |
|
VCID-89g8-32r2-aaaa
Aliases: CVE-2018-6759 |
The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file. |
Affected by 111 other vulnerabilities. |
|
VCID-8avx-j583-aaap
Aliases: CVE-2017-9043 |
readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-8g8f-xxyk-aaah
Aliases: CVE-2017-9749 |
The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-8wqb-3jem-aaaj
Aliases: CVE-2017-9753 |
The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 153 other vulnerabilities. |
|
VCID-961k-fd9c-aaae
Aliases: CVE-2018-10373 |
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new. |
Affected by 21 other vulnerabilities. |
|
VCID-9sfd-pess-aaam
Aliases: CVE-2018-17359 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-9t9e-vgwb-aaab
Aliases: CVE-2018-10534 |
The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c. |
Affected by 21 other vulnerabilities. |
|
VCID-a1jc-rtnj-aaah
Aliases: CVE-2017-14529 |
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. |
Affected by 131 other vulnerabilities. |
|
VCID-a2mg-yzb6-aaaa
Aliases: CVE-2018-18700 |
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm. |
Affected by 21 other vulnerabilities. |
|
VCID-a4z1-22fn-aaam
Aliases: CVE-2017-16832 |
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. |
Affected by 121 other vulnerabilities. |
|
VCID-afuk-zmu1-aaae
Aliases: CVE-2017-15025 |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-agg2-3tqq-aaah
Aliases: CVE-2017-13757 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. |
Affected by 131 other vulnerabilities. |
|
VCID-ajtg-21ay-aaaf
Aliases: CVE-2019-12972 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. |
Affected by 18 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-ar3p-scrk-aaaj
Aliases: CVE-2017-9750 |
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-b4vs-s3v7-aaan
Aliases: CVE-2016-4487 |
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." |
Affected by 161 other vulnerabilities. |
|
VCID-b81c-x91t-aaaa
Aliases: CVE-2017-12458 |
The nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted nlm file. |
Affected by 131 other vulnerabilities. |
|
VCID-b9na-qkds-aaam
Aliases: CVE-2017-7302 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. |
Affected by 169 other vulnerabilities. |
|
VCID-baa4-cptv-aaaa
Aliases: CVE-2018-10372 |
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf. |
Affected by 21 other vulnerabilities. |
|
VCID-bdsp-rb33-aaaq
Aliases: CVE-2017-7224 |
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. |
Affected by 21 other vulnerabilities. |
|
VCID-bfsy-f2jh-aaak
Aliases: CVE-2018-18483 |
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. |
Affected by 18 other vulnerabilities. |
|
VCID-bgmy-98q8-aaag
Aliases: CVE-2019-9073 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-bnd7-s557-aaam
Aliases: CVE-2020-35496 |
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. |
Affected by 3 other vulnerabilities. |
|
VCID-bw67-6vkk-aaab
Aliases: CVE-2017-7614 |
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. |
Affected by 153 other vulnerabilities. |
|
VCID-c1x6-ws57-aaah
Aliases: CVE-2017-9756 |
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 153 other vulnerabilities. |
|
VCID-cj7g-6j3r-aaar
Aliases: CVE-2018-12700 |
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. |
Affected by 21 other vulnerabilities. |
|
VCID-cvkf-yu9y-aaap
Aliases: CVE-2018-12641 |
An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. |
Affected by 21 other vulnerabilities. |
|
VCID-cw6f-akx6-aaae
Aliases: CVE-2017-15022 |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. |
Affected by 21 other vulnerabilities. |
|
VCID-cz2e-tkm6-aaag
Aliases: CVE-2017-17126 |
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers. |
Affected by 21 other vulnerabilities. |
|
VCID-d85w-a3fx-aaaj
Aliases: CVE-2017-13710 |
The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. |
Affected by 131 other vulnerabilities. |
|
VCID-dfnu-gu92-aaap
Aliases: CVE-2014-8501 |
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable. |
Affected by 173 other vulnerabilities. Affected by 173 other vulnerabilities. |
|
VCID-dpjx-3zjw-aaaa
Aliases: CVE-2018-7569 |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm. |
Affected by 111 other vulnerabilities. |
|
VCID-dqe3-n3qr-aaar
Aliases: CVE-2018-20651 |
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 21 other vulnerabilities. |
|
VCID-e1s8-nwar-aaad
Aliases: CVE-2017-17125 |
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-eb7h-p6z2-aaan
Aliases: CVE-2020-16592 |
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. |
Affected by 0 other vulnerabilities. |
|
VCID-ek28-ez43-aaaj
Aliases: CVE-2018-7208 |
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. |
Affected by 111 other vulnerabilities. |
|
VCID-eqs4-aw42-aaan
Aliases: CVE-2017-9752 |
bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file in the _bfd_vms_get_value and _bfd_vms_slurp_etir functions during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-erab-p9xj-aaak
Aliases: CVE-2017-8395 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. |
Affected by 21 other vulnerabilities. |
|
VCID-es2p-cft9-aaas
Aliases: CVE-2018-12934 |
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt. |
Affected by 18 other vulnerabilities. |
|
VCID-fb9g-57bf-aaas
Aliases: CVE-2017-17080 |
elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status. |
Affected by 21 other vulnerabilities. |
|
VCID-fed5-qeec-aaak
Aliases: CVE-2017-9754 |
The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 153 other vulnerabilities. |
|
VCID-fjcd-9ebe-aaae
Aliases: CVE-2017-9748 |
The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug. |
Affected by 21 other vulnerabilities. |
|
VCID-fnev-yt33-aaag
Aliases: CVE-2018-17794 |
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. |
Affected by 21 other vulnerabilities. |
|
VCID-fuvr-s8pf-aaap
Aliases: CVE-2017-12452 |
The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. |
Affected by 131 other vulnerabilities. |
|
VCID-g4h7-qqyr-aaaa
Aliases: CVE-2014-8485 |
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file. |
Affected by 173 other vulnerabilities. |
|
VCID-gg7p-bvwe-aaaa
Aliases: CVE-2016-4493 |
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary. |
Affected by 161 other vulnerabilities. |
|
VCID-h6v4-vp1z-aaas
Aliases: CVE-2017-14974 |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. |
Affected by 130 other vulnerabilities. |
|
VCID-hj9p-eb96-aaam
Aliases: CVE-2018-8945 |
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. |
Affected by 111 other vulnerabilities. |
|
VCID-hxah-u6gs-aaah
Aliases: CVE-2018-18605 |
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 21 other vulnerabilities. |
|
VCID-j28p-3pe8-aaad
Aliases: CVE-2014-8502 |
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file. |
Affected by 173 other vulnerabilities. |
|
VCID-j35t-2dc1-aaar
Aliases: CVE-2017-7209 |
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. |
Affected by 21 other vulnerabilities. |
|
VCID-jb8u-2tyg-aaaj
Aliases: CVE-2017-17124 |
The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary. |
Affected by 21 other vulnerabilities. |
|
VCID-jbjk-zb77-aaae
Aliases: CVE-2019-17450 |
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. |
Affected by 8 other vulnerabilities. |
|
VCID-jm2t-94ea-aaar
Aliases: CVE-2014-8484 |
The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record. |
Affected by 173 other vulnerabilities. |
|
VCID-jvnf-hs8k-aaan
Aliases: CVE-2018-19931 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted. |
Affected by 21 other vulnerabilities. |
|
VCID-jy1h-fc6w-aaaa
Aliases: CVE-2018-12698 |
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. |
Affected by 21 other vulnerabilities. |
|
VCID-kbr7-tbru-aaaq
Aliases: CVE-2017-9042 |
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-kcju-sfhm-aaar
Aliases: CVE-2017-14938 |
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-ksr8-hjbz-aaas
Aliases: CVE-2017-14940 |
scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-m8xj-qm2u-aaaa
Aliases: CVE-2019-9070 |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-mfpt-7f3s-aaad
Aliases: CVE-2017-15021 |
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. |
Affected by 21 other vulnerabilities. |
|
VCID-mjms-axwn-aaaf
Aliases: CVE-2017-14333 |
The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. |
Affected by 131 other vulnerabilities. |
|
VCID-mp19-6m6c-aaad
Aliases: CVE-2014-8504 |
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file. |
Affected by 173 other vulnerabilities. |
|
VCID-msks-vp54-aaar
Aliases: CVE-2016-4491 |
The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once." |
Affected by 153 other vulnerabilities. |
|
VCID-n2pk-dwts-aaaj
Aliases: CVE-2017-15996 |
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions. |
Affected by 21 other vulnerabilities. |
|
VCID-n479-3mn6-aaac
Aliases: CVE-2016-4492 |
Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary. |
Affected by 161 other vulnerabilities. |
|
VCID-nb77-ktqt-aaan
Aliases: CVE-2017-12449 |
The _bfd_vms_save_sized_string function in vms-misc.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms file. |
Affected by 131 other vulnerabilities. |
|
VCID-ncj7-xctg-aaaj
Aliases: CVE-2017-14129 |
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. |
Affected by 131 other vulnerabilities. |
|
VCID-ngdx-q1hj-aaae
Aliases: CVE-2017-16831 |
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. |
Affected by 121 other vulnerabilities. |
|
VCID-nnxe-6dsq-aaaa
Aliases: CVE-2020-35494 |
There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34. |
Affected by 3 other vulnerabilities. |
|
VCID-npnh-bjkd-aaak
Aliases: CVE-2018-6543 |
In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
Affected by 21 other vulnerabilities. |
|
VCID-nw6t-t5e2-aaae
Aliases: CVE-2017-8392 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. |
Affected by 120 other vulnerabilities. |
|
VCID-nzvx-gfxd-aaaf
Aliases: CVE-2016-2226 |
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow. |
Affected by 161 other vulnerabilities. |
|
VCID-p85y-jrz7-aaab
Aliases: CVE-2017-9040 |
GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt. |
Affected by 21 other vulnerabilities. |
|
VCID-pd77-d33c-aaam
Aliases: CVE-2018-18309 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. |
Affected by 21 other vulnerabilities. |
|
VCID-pdrv-qfbp-aaan
Aliases: CVE-2017-6966 |
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. |
Affected by 21 other vulnerabilities. |
|
VCID-pjjk-3wgs-aaap
Aliases: CVE-2017-14745 |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. |
Affected by 131 other vulnerabilities. |
|
VCID-pjkh-8vkk-aaaj
Aliases: CVE-2017-8393 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash. |
Affected by 21 other vulnerabilities. |
|
VCID-pk1h-6d8p-aaag
Aliases: CVE-2017-15938 |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). |
Affected by 21 other vulnerabilities. |
|
VCID-prcb-akq9-aaas
Aliases: CVE-2018-12699 |
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. |
Affected by 21 other vulnerabilities. |
|
VCID-prnn-s8nt-aaae
Aliases: CVE-2020-35493 |
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34. |
Affected by 3 other vulnerabilities. |
|
VCID-psa6-vz5k-aaag
Aliases: CVE-2017-16826 |
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted PE file. |
Affected by 121 other vulnerabilities. |
|
VCID-ptmx-tcrv-aaan
Aliases: CVE-2017-17123 |
The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. |
Affected by 21 other vulnerabilities. |
|
VCID-q4pw-fhdj-aaah
Aliases: CVE-2018-12697 |
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. |
Affected by 21 other vulnerabilities. |
|
VCID-q536-r2xm-aaah
Aliases: CVE-2017-12448 |
The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c. |
Affected by 131 other vulnerabilities. |
|
VCID-q5b3-jn94-aaan
Aliases: CVE-2017-16829 |
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. |
Affected by 121 other vulnerabilities. |
|
VCID-q7fx-dqbf-aaaq
Aliases: CVE-2017-12454 |
The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. |
Affected by 131 other vulnerabilities. |
|
VCID-q8fx-xknv-aaar
Aliases: CVE-2017-15939 |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. |
Affected by 21 other vulnerabilities. |
|
VCID-qasx-xrjn-aaap
Aliases: CVE-2017-9745 |
The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-qh2t-8tjc-aaar
Aliases: CVE-2017-15225 |
_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-qr7c-w9sa-aaag
Aliases: CVE-2017-9954 |
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program. |
Affected by 153 other vulnerabilities. |
|
VCID-qxjz-5trk-aaam
Aliases: CVE-2018-18606 |
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 21 other vulnerabilities. |
|
VCID-r4yx-jctz-aaan
Aliases: CVE-2021-3487 |
Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binutils/SECURITY.txt |
Affected by 0 other vulnerabilities. |
|
VCID-r8bp-9ajm-aaad
Aliases: CVE-2017-15020 |
dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read. |
Affected by 21 other vulnerabilities. |
|
VCID-r8fy-e4p6-aaae
Aliases: CVE-2017-15024 |
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-rbcn-bfaf-aaan
Aliases: CVE-2017-8396 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. |
Affected by 21 other vulnerabilities. |
|
VCID-rbju-s3gp-aaar
Aliases: CVE-2014-8503 |
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file. |
Affected by 173 other vulnerabilities. |
|
VCID-rezr-4az6-aaac
Aliases: CVE-2016-4488 |
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec." |
Affected by 161 other vulnerabilities. |
|
VCID-rf1t-p1hp-aaar
Aliases: CVE-2017-9044 |
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-rfyn-bv1e-aaan
Aliases: CVE-2014-8737 |
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar. |
Affected by 173 other vulnerabilities. |
|
VCID-rruv-paaf-aaad
Aliases: CVE-2017-12451 |
The _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and bfd/coff64-rs6000.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds stack read via a crafted COFF image file. |
Affected by 131 other vulnerabilities. |
|
VCID-rsak-2xhu-aaae
Aliases: CVE-2018-20671 |
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size. |
Affected by 21 other vulnerabilities. |
|
VCID-rxxt-2ggf-aaan
Aliases: CVE-2017-8397 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. |
Affected by 21 other vulnerabilities. |
|
VCID-s296-vknj-aaad
Aliases: CVE-2017-9742 |
The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-s4d8-14c6-aaag
Aliases: CVE-2019-14250 |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-s774-4b47-aaaj
Aliases: CVE-2017-9755 |
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 153 other vulnerabilities. |
|
VCID-sd2q-hjup-aaab
Aliases: CVE-2019-14444 |
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-smdd-4nzs-aaad
Aliases: CVE-2017-14933 |
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-sznd-kpuk-aaar
Aliases: CVE-2017-15023 |
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. |
Affected by 21 other vulnerabilities. |
|
VCID-szyg-h58d-aaas
Aliases: CVE-2017-6969 |
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well. |
Affected by 21 other vulnerabilities. |
|
VCID-t9z7-r59d-aaaf
Aliases: CVE-2017-12456 |
The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. |
Affected by 131 other vulnerabilities. |
|
VCID-tcnf-4f1g-aaac
Aliases: CVE-2017-7227 |
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l. |
Affected by 21 other vulnerabilities. |
|
VCID-trht-5tms-aaaa
Aliases: CVE-2019-9071 |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-tv36-6hcb-aaad
Aliases: CVE-2017-12453 |
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. |
Affected by 131 other vulnerabilities. |
|
VCID-twd3-fs77-aaaa
Aliases: CVE-2017-16830 |
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. |
Affected by 121 other vulnerabilities. |
|
VCID-u1k5-nupk-aaae
Aliases: CVE-2017-12450 |
The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha file. |
Affected by 131 other vulnerabilities. |
|
VCID-ua61-ub68-aaaq
Aliases: CVE-2017-9746 |
The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-ubwa-zknb-aaar
Aliases: CVE-2019-9074 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-ujyd-g3vb-aaad
Aliases: CVE-2020-35507 |
There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. |
Affected by 3 other vulnerabilities. |
|
VCID-um7d-ehm2-aaah
Aliases: CVE-2018-9138 |
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. |
Affected by 110 other vulnerabilities. |
|
VCID-umgm-by2j-aaas
Aliases: CVE-2017-17121 |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. |
Affected by 21 other vulnerabilities. |
|
VCID-uupx-fmwk-aaac
Aliases: CVE-2017-12457 |
The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. |
Affected by 131 other vulnerabilities. |
|
VCID-vmu4-tejr-aaan
Aliases: CVE-2016-6131 |
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types. |
Affected by 161 other vulnerabilities. |
|
VCID-vpdw-p5fv-aaac
Aliases: CVE-2017-14729 |
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. |
Affected by 128 other vulnerabilities. |
|
VCID-vpfm-g63s-aaac
Aliases: CVE-2018-7642 |
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy. |
Affected by 111 other vulnerabilities. |
|
VCID-vub8-t3bw-aaae
Aliases: CVE-2018-18607 |
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. |
Affected by 21 other vulnerabilities. |
|
VCID-wr6c-7q6m-aaam
Aliases: CVE-2017-14130 |
The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. |
Affected by 131 other vulnerabilities. |
|
VCID-wu7f-wxmc-aaam
Aliases: CVE-2017-7223 |
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. |
Affected by 21 other vulnerabilities. |
|
VCID-wx4y-fzsp-aaaq
Aliases: CVE-2019-9075 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. |
Affected by 13 other vulnerabilities. Affected by 8 other vulnerabilities. |
|
VCID-xfgt-hv45-aaad
Aliases: CVE-2017-16828 |
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. |
Affected by 121 other vulnerabilities. |
|
VCID-xhk1-gsd6-aaae
Aliases: CVE-2012-3509 |
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. |
Affected by 181 other vulnerabilities. |
|
VCID-xnnw-b1m4-aaae
Aliases: CVE-2017-9744 |
The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. |
Affected by 21 other vulnerabilities. |
|
VCID-xvrb-z3xf-aaap
Aliases: CVE-2017-7225 |
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. |
Affected by 21 other vulnerabilities. |
|
VCID-y24u-vawx-aaaq
Aliases: CVE-2018-17360 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. |
Affected by 21 other vulnerabilities. |
|
VCID-y3jg-d2j2-aaar
Aliases: CVE-2017-6965 |
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. |
Affected by 21 other vulnerabilities. |
|
VCID-yhpb-kk1v-aaar
Aliases: CVE-2018-7643 |
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump. |
Affected by 111 other vulnerabilities. |
|
VCID-yq2s-gbef-aaam
Aliases: CVE-2018-20623 |
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file. |
Affected by 21 other vulnerabilities. |
|
VCID-ysqh-yybj-aaac
Aliases: CVE-2017-9039 |
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c. |
Affected by 21 other vulnerabilities. |
|
VCID-yt2h-eyr6-aaaa
Aliases: CVE-2017-7210 |
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash. |
Affected by 21 other vulnerabilities. |
|
VCID-yuak-9ejn-aaaf
Aliases: CVE-2018-10535 |
The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy. |
Affected by 21 other vulnerabilities. |
|
VCID-z73b-k7gs-aaab
Aliases: CVE-2014-9939 |
ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. |
Affected by 172 other vulnerabilities. |
|
VCID-zg4d-pabs-aaap
Aliases: CVE-2017-9038 |
GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets. |
Affected by 21 other vulnerabilities. |
|
VCID-zjje-2dc6-aaad
Aliases: CVE-2017-17122 |
The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. |
Affected by 21 other vulnerabilities. |
|
VCID-zq98-1wmw-aaad
Aliases: CVE-2018-19932 |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c. |
Affected by 21 other vulnerabilities. |
|
VCID-zs3h-m8bp-aaah
Aliases: CVE-2016-4489 |
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables." |
Affected by 161 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|