rpm package
opensuse/cross-avr-binutils&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/cross-avr-binutils&distro=openSUSE%20Leap%2015.5
Vulnerabilities (18)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-25585 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Sep 14, 2023 | A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service. | ||
| CVE-2023-25588 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Sep 14, 2023 | A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service. | ||
| CVE-2022-48065 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. | ||
| CVE-2022-48064 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | ||
| CVE-2022-48063 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | ||
| CVE-2022-47696 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. | ||
| CVE-2022-47695 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. | ||
| CVE-2022-47673 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. | ||
| CVE-2022-45703 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | ||
| CVE-2022-44840 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | ||
| CVE-2022-35206 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c. | ||
| CVE-2022-35205 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | ||
| CVE-2020-19726 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Aug 22, 2023 | An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. | ||
| CVE-2021-32256 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Jul 18, 2023 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | ||
| CVE-2023-1972 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | May 17, 2023 | A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | ||
| CVE-2023-1579 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Apr 3, 2023 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | ||
| CVE-2023-0687 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Feb 6, 2023 | A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix thi | ||
| CVE-2022-4285 | — | < 2.41-150100.7.46.1 | 2.41-150100.7.46.1 | Jan 27, 2023 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. |
- CVE-2023-25585Sep 14, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
- CVE-2023-25588Sep 14, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.
- CVE-2022-48065Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.
- CVE-2022-48064Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
- CVE-2022-48063Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.
- CVE-2022-47696Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.
- CVE-2022-47695Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.
- CVE-2022-47673Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.
- CVE-2022-45703Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
- CVE-2022-44840Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
- CVE-2022-35206Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.
- CVE-2022-35205Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.
- CVE-2020-19726Aug 22, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.
- CVE-2021-32256Jul 18, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
- CVE-2023-1972May 17, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
- CVE-2023-1579Apr 3, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.
- CVE-2023-0687Feb 6, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix thi
- CVE-2022-4285Jan 27, 2023affected < 2.41-150100.7.46.1fixed 2.41-150100.7.46.1
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.