VYPR

rpm package

suse/cross-spu-binutils&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

pkg:rpm/suse/cross-spu-binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Vulnerabilities (82)

  • CVE-2017-16827HigNov 15, 2017
    affected < 2.31-9.26.1fixed 2.31-9.26.1

    The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified o

  • CVE-2017-16826HigNov 15, 2017
    affected < 2.31-9.26.1fixed 2.31-9.26.1

    The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other

  • CVE-2017-15996HigOct 29, 2017
    affected < 2.31-9.26.1fixed 2.31-9.26.1

    elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized va

  • CVE-2017-15939MedOct 27, 2017
    affected < 2.31-9.26.1fixed 2.31-9.26.1

    dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF

  • CVE-2017-15938HigOct 27, 2017
    affected < 2.31-9.26.1fixed 2.31-9.26.1

    dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invali

  • CVE-2017-14974MedOct 2, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and a

  • CVE-2017-14745HigSep 26, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and a

  • CVE-2017-14729HigSep 25, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and applicatio

  • CVE-2017-14529MedSep 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application cra

  • CVE-2017-14333HigSep 12, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_ne

  • CVE-2017-14130MedSep 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a

  • CVE-2017-14129MedSep 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-14128MedSep 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-13757MedAug 29, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to el

  • CVE-2017-12799HigAug 10, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.

  • CVE-2017-12456HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.

  • CVE-2017-12454HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.

  • CVE-2017-12453HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

  • CVE-2017-12452HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.

  • CVE-2017-12450HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha f

Page 2 of 5