rpm package

suse/binutils&distro=SUSE OpenStack Cloud 7

pkg:rpm/suse/binutils&distro=SUSE%20OpenStack%20Cloud%207

Vulnerabilities (69)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-15939	Med	5.5	< 2.31-9.26.1	2.31-9.26.1	Oct 27, 2017	dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF
CVE-2017-15938	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	Oct 27, 2017	dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invali
CVE-2017-9756	Hig	7.8	< 2.31-9.26.1	2.31-9.26.1	Jun 19, 2017	The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of
CVE-2017-9755	Hig	7.8	< 2.31-9.26.1	2.31-9.26.1	Jun 19, 2017	opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated
CVE-2017-9750	Hig	7.8	< 2.31-9.26.1	2.31-9.26.1	Jun 19, 2017	opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mish
CVE-2017-9748	Hig	7.8	< 2.31-9.26.1	2.31-9.26.1	Jun 19, 2017	The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via
CVE-2017-9747	Hig	7.8	< 2.31-9.26.1	2.31-9.26.1	Jun 19, 2017	The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via
CVE-2017-9746	Hig	7.8	< 2.31-9.26.1	2.31-9.26.1	Jun 19, 2017	The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing
CVE-2017-8421	Med	5.5	< 2.31-9.26.1	2.31-9.26.1	May 2, 2017	The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_i
CVE-2017-8396	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	May 1, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability cause
CVE-2017-8394	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	May 1, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs u
CVE-2017-8393	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	May 1, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel
CVE-2017-8392	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	May 1, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes program
CVE-2017-7304	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	Mar 29, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vuln
CVE-2017-7303	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	Mar 29, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils uti
CVE-2017-7302	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	Mar 29, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability cau
CVE-2017-7301	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	Mar 29, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linke
CVE-2017-7300	Hig	7.5	< 2.31-9.26.1	2.31-9.26.1	Mar 29, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loadin
CVE-2017-7299	Med	5.5	< 2.31-9.26.1	2.31-9.26.1	Mar 29, 2017	The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF rel
CVE-2017-7226	Cri	9.1	< 2.31-9.26.1	2.31-9.26.1	Mar 22, 2017	The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several ut

CVE-2017-15939MedOct 27, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF
CVE-2017-15938HigOct 27, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invali
CVE-2017-9756HigJun 19, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of
CVE-2017-9755HigJun 19, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated
CVE-2017-9750HigJun 19, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mish
CVE-2017-9748HigJun 19, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via
CVE-2017-9747HigJun 19, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via
CVE-2017-9746HigJun 19, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing
CVE-2017-8421MedMay 2, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_i
CVE-2017-8396HigMay 1, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability cause
CVE-2017-8394HigMay 1, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs u
CVE-2017-8393HigMay 1, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel
CVE-2017-8392HigMay 1, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes program
CVE-2017-7304HigMar 29, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vuln
CVE-2017-7303HigMar 29, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils uti
CVE-2017-7302HigMar 29, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability cau
CVE-2017-7301HigMar 29, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linke
CVE-2017-7300HigMar 29, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loadin
CVE-2017-7299MedMar 29, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF rel
CVE-2017-7226CriMar 22, 2017
affected < 2.31-9.26.1fixed 2.31-9.26.1
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several ut

Page 3 of 4