VYPR

Binutils

by GNU

Source repositories

CVEs (273)

  • CVE-2022-47696Aug 22, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.

  • CVE-2020-21490Aug 22, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled.

  • CVE-2022-47008Aug 22, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.

  • CVE-2022-48064Aug 22, 2023
    risk 0.00cvss epss 0.01

    GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

  • CVE-2022-47010Aug 22, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.

  • CVE-2022-48065Aug 22, 2023
    risk 0.00cvss epss 0.01

    GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.

  • CVE-2021-46174Aug 22, 2023
    risk 0.00cvss epss 0.01

    Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.

  • CVE-2022-35205Aug 22, 2023
    risk 0.00cvss epss 0.00

    An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.

  • CVE-2020-35342Aug 22, 2023
    risk 0.00cvss epss 0.01

    GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak.

  • CVE-2021-32256Jul 18, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.

  • CVE-2023-1972May 17, 2023
    risk 0.00cvss epss 0.01

    A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

  • CVE-2023-1579Apr 3, 2023
    risk 0.00cvss epss 0.00

    Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.

  • CVE-2022-4285Jan 27, 2023
    risk 0.00cvss epss 0.00

    An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

  • CVE-2022-38533Aug 25, 2022
    risk 0.00cvss epss 0.00

    In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.

  • CVE-2021-45078Dec 15, 2021
    risk 0.00cvss epss 0.01

    stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix…

  • CVE-2021-3530Jun 2, 2021
    risk 0.00cvss epss 0.02

    A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.

  • CVE-2021-3549May 26, 2021
    risk 0.00cvss epss 0.01

    An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this…

  • CVE-2021-20294Apr 29, 2021
    risk 0.00cvss epss 0.03

    A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to…

  • CVE-2021-20197Mar 26, 2021
    risk 0.00cvss epss 0.00

    There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an…

  • CVE-2021-20284Mar 26, 2021
    risk 0.00cvss epss 0.01

    A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.

Page 11 of 14