VYPR

rpm package

suse/binutils&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/binutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (99)

  • CVE-2017-9756HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of

  • CVE-2017-9755HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated

  • CVE-2017-9750HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mish

  • CVE-2017-9748HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via

  • CVE-2017-9747HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via

  • CVE-2017-9746HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing

  • CVE-2017-9044MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.

  • CVE-2017-9043HigMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9042HigMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9041MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.

  • CVE-2017-9040MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.

  • CVE-2017-9039MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.

  • CVE-2017-9038MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind inform

  • CVE-2017-8421MedMay 2, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_i

  • CVE-2017-8398HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash.

  • CVE-2017-8397HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes progr

  • CVE-2017-8396HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability cause

  • CVE-2017-8395HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function.

  • CVE-2017-8394HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs u

  • CVE-2017-8393HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel

Page 4 of 5