rpm package
suse/cross-spu-binutils&distro=SUSE Linux Enterprise Software Development Kit 12 SP3
pkg:rpm/suse/cross-spu-binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
Vulnerabilities (82)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16827 | Hig | 7.8 | < 2.31-9.26.1 | 2.31-9.26.1 | Nov 15, 2017 | The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified o | |
| CVE-2017-16826 | Hig | 7.8 | < 2.31-9.26.1 | 2.31-9.26.1 | Nov 15, 2017 | The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other | |
| CVE-2017-15996 | Hig | 7.8 | < 2.31-9.26.1 | 2.31-9.26.1 | Oct 29, 2017 | elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized va | |
| CVE-2017-15939 | Med | 5.5 | < 2.31-9.26.1 | 2.31-9.26.1 | Oct 27, 2017 | dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF | |
| CVE-2017-15938 | Hig | 7.5 | < 2.31-9.26.1 | 2.31-9.26.1 | Oct 27, 2017 | dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invali | |
| CVE-2017-14974 | Med | 5.5 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Oct 2, 2017 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and a | |
| CVE-2017-14745 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 26, 2017 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and a | |
| CVE-2017-14729 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 25, 2017 | The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and applicatio | |
| CVE-2017-14529 | Med | 5.5 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 18, 2017 | The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application cra | |
| CVE-2017-14333 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 12, 2017 | The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_ne | |
| CVE-2017-14130 | Med | 5.5 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 4, 2017 | The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a | |
| CVE-2017-14129 | Med | 5.5 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 4, 2017 | The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | |
| CVE-2017-14128 | Med | 5.5 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Sep 4, 2017 | The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | |
| CVE-2017-13757 | Med | 5.5 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 29, 2017 | The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to el | |
| CVE-2017-12799 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 10, 2017 | The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | |
| CVE-2017-12456 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 4, 2017 | The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. | |
| CVE-2017-12454 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 4, 2017 | The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file. | |
| CVE-2017-12453 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 4, 2017 | The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | |
| CVE-2017-12452 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 4, 2017 | The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file. | |
| CVE-2017-12450 | Hig | 7.8 | < 2.29.1-9.20.2 | 2.29.1-9.20.2 | Aug 4, 2017 | The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha f |
- affected < 2.31-9.26.1fixed 2.31-9.26.1
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified o
- affected < 2.31-9.26.1fixed 2.31-9.26.1
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other
- affected < 2.31-9.26.1fixed 2.31-9.26.1
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized va
- affected < 2.31-9.26.1fixed 2.31-9.26.1
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF
- affected < 2.31-9.26.1fixed 2.31-9.26.1
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invali
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and a
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and a
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and applicatio
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application cra
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_ne
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to el
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.
- affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2
The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha f
Page 2 of 5