VYPR

rpm package

suse/cross-spu-binutils&distro=SUSE Linux Enterprise Software Development Kit 12 SP2

pkg:rpm/suse/cross-spu-binutils&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Vulnerabilities (57)

  • CVE-2017-14974MedOct 2, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and a

  • CVE-2017-14745HigSep 26, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and a

  • CVE-2017-14729HigSep 25, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and applicatio

  • CVE-2017-14529MedSep 18, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application cra

  • CVE-2017-14333HigSep 12, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_ne

  • CVE-2017-14130MedSep 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a

  • CVE-2017-14129MedSep 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-14128MedSep 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file.

  • CVE-2017-13757MedAug 29, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to el

  • CVE-2017-12799HigAug 10, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.

  • CVE-2017-12456HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file.

  • CVE-2017-12454HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an arbitrary memory read via a crafted vms alpha file.

  • CVE-2017-12453HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The _bfd_vms_slurp_eeom function in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file.

  • CVE-2017-12452HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The bfd_mach_o_i386_canonicalize_one_reloc function in bfd/mach-o-i386.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted mach-o file.

  • CVE-2017-12450HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap write and possibly achieve code execution via a crafted vms alpha f

  • CVE-2017-12448HigAug 4, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. Thi

  • CVE-2017-9955MedJun 26, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size

  • CVE-2017-9954MedJun 26, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by

  • CVE-2017-9756HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of

  • CVE-2017-9755HigJun 19, 2017
    affected < 2.29.1-9.20.2fixed 2.29.1-9.20.2

    opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated

Page 1 of 3