VYPR

rpm package

suse/cross-spu-binutils&distro=SUSE Linux Enterprise Software Development Kit 12 SP3

pkg:rpm/suse/cross-spu-binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Vulnerabilities (82)

  • CVE-2017-12448HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. Thi

  • CVE-2017-9955MedJun 26, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size

  • CVE-2017-9954MedJun 26, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by

  • CVE-2017-9756HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of

  • CVE-2017-9755HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated

  • CVE-2017-9750HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mish

  • CVE-2017-9748HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via

  • CVE-2017-9747HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via

  • CVE-2017-9746HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing

  • CVE-2017-9044MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.

  • CVE-2017-9043HigMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9042HigMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.

  • CVE-2017-9041MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.

  • CVE-2017-9040MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.

  • CVE-2017-9039MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.

  • CVE-2017-9038MedMay 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind inform

  • CVE-2017-8421MedMay 2, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_i

  • CVE-2017-8398HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash.

  • CVE-2017-8397HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes progr

  • CVE-2017-8396HigMay 1, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability cause