rpm package
suse/binutils&distro=SUSE Manager Proxy 4.1
pkg:rpm/suse/binutils&distro=SUSE%20Manager%20Proxy%204.1
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3826 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Sep 1, 2022 | Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol. | ||
| CVE-2022-38533 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Aug 25, 2022 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | ||
| CVE-2022-27943 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Mar 26, 2022 | libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new. | ||
| CVE-2021-46195 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Jan 14, 2022 | GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources. | ||
| CVE-2021-45078 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Dec 15, 2021 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for | ||
| CVE-2021-3530 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Jun 2, 2021 | A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. | ||
| CVE-2019-1010204 | — | < 2.39-150100.7.40.1 | 2.39-150100.7.40.1 | Jul 23, 2019 | GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An |
- CVE-2021-3826Sep 1, 2022affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.
- CVE-2022-38533Aug 25, 2022affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
- CVE-2022-27943Mar 26, 2022affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
- CVE-2021-46195Jan 14, 2022affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows attackers to cause a Denial of Service (DoS) by consuming excessive CPU and memory resources.
- CVE-2021-45078Dec 15, 2021affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for
- CVE-2021-3530Jun 2, 2021affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
- CVE-2019-1010204Jul 23, 2019affected < 2.39-150100.7.40.1fixed 2.39-150100.7.40.1
GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An