VYPR

Binutils

by GNU

Source repositories

CVEs (273)

  • CVE-2019-9074Feb 24, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.

  • CVE-2019-9071Feb 24, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.

  • CVE-2019-9070Feb 24, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.

  • CVE-2019-9072Feb 24, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c.

  • CVE-2019-9076Feb 24, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.

  • CVE-2018-20712Jan 15, 2019
    risk 0.00cvss epss 0.03

    A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

  • CVE-2018-20673Jan 4, 2019
    risk 0.00cvss epss 0.02

    The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

  • CVE-2018-20671Jan 4, 2019
    risk 0.00cvss epss 0.02

    load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

  • CVE-2018-20657Jan 2, 2019
    risk 0.00cvss epss 0.04

    The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.

  • CVE-2018-20651Jan 1, 2019
    risk 0.00cvss epss 0.02

    A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows…

  • CVE-2018-20623Dec 31, 2018
    risk 0.00cvss epss 0.02

    In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

  • CVE-2018-1000876Dec 20, 2018
    risk 0.00cvss epss 0.01

    binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This…

  • CVE-2018-20002Dec 10, 2018
    risk 0.00cvss epss 0.02

    The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.

  • CVE-2018-19932Dec 7, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.

  • CVE-2018-19931Dec 7, 2018
    risk 0.00cvss epss 0.01

    An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.

  • CVE-2018-18700Oct 27, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could…

  • CVE-2018-18701Oct 27, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could…

  • CVE-2018-18607Oct 23, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A…

  • CVE-2018-18606Oct 23, 2018
    risk 0.00cvss epss 0.02

    An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments.…

  • CVE-2018-18605Oct 23, 2018
    risk 0.00cvss epss 0.02

    A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple…

Page 13 of 14