rpm package
suse/binutils&distro=SUSE OpenStack Cloud Crowbar 9
pkg:rpm/suse/binutils&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209
Vulnerabilities (27)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-14444 | — | < 2.37-9.39.1 | 2.37-9.39.1 | Jul 30, 2019 | apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. | ||
| CVE-2019-14250 | — | < 2.37-9.39.1 | 2.37-9.39.1 | Jul 24, 2019 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. | ||
| CVE-2019-1010204 | — | < 2.39-9.50.1 | 2.39-9.50.1 | Jul 23, 2019 | GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An | ||
| CVE-2019-12972 | — | < 2.37-9.39.1 | 2.37-9.39.1 | Jun 26, 2019 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a | ||
| CVE-2019-9077 | — | < 2.37-9.39.1 | 2.37-9.39.1 | Feb 24, 2019 | An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. | ||
| CVE-2019-9075 | — | < 2.37-9.39.1 | 2.37-9.39.1 | Feb 24, 2019 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. | ||
| CVE-2019-9074 | — | < 2.37-9.39.1 | 2.37-9.39.1 | Feb 24, 2019 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. |
- CVE-2019-14444Jul 30, 2019affected < 2.37-9.39.1fixed 2.37-9.39.1
apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.
- CVE-2019-14250Jul 24, 2019affected < 2.37-9.39.1fixed 2.37-9.39.1
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.
- CVE-2019-1010204Jul 23, 2019affected < 2.39-9.50.1fixed 2.39-9.50.1
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An
- CVE-2019-12972Jun 26, 2019affected < 2.37-9.39.1fixed 2.37-9.39.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a
- CVE-2019-9077Feb 24, 2019affected < 2.37-9.39.1fixed 2.37-9.39.1
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.
- CVE-2019-9075Feb 24, 2019affected < 2.37-9.39.1fixed 2.37-9.39.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.
- CVE-2019-9074Feb 24, 2019affected < 2.37-9.39.1fixed 2.37-9.39.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.
Page 2 of 2