VYPR

Binutils

by GNU

Source repositories

CVEs (273)

  • CVE-2026-3441Mar 15, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in GNU Binutils. This heap-based buffer overflow vulnerability, specifically an out-of-bounds read in the bfd linker, allows an attacker to gain access to sensitive information. By convincing a user to process a specially crafted XCOFF object file, an attacker…

  • CVE-2026-3442Mar 15, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful…

  • CVE-2025-69648Mar 9, 2026
    risk 0.00cvss epss 0.00

    GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF .debug_rnglists data. A logic flaw in the DWARF parsing path causes readelf to repeatedly print the same warning message without making forward…

  • CVE-2025-69647Mar 9, 2026
    risk 0.00cvss epss 0.00

    GNU Binutils thru 2.45.1 readelf contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF loclists data. A logic flaw in the DWARF parsing code can cause readelf to repeatedly print the same table output without making forward progress,…

  • CVE-2025-69651Mar 6, 2026
    risk 0.00cvss epss 0.00

    GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain…

  • CVE-2025-69645Mar 6, 2026
    risk 0.00cvss epss 0.00

    Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian,…

  • CVE-2025-69652Mar 6, 2026
    risk 0.00cvss epss 0.00

    GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate…

  • CVE-2025-69649Mar 6, 2026
    risk 0.00cvss epss 0.00

    GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a…

  • CVE-2025-69646Mar 6, 2026
    risk 0.00cvss epss 0.00

    Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate,…

  • CVE-2025-66863Dec 29, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in function d_discriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

  • CVE-2025-66861Dec 29, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in function d_unqualified_name in file cp-demangle.c in BinUtils 2.26 allowing attackers to cause a denial of service via crafted PE file.

  • CVE-2025-66866Dec 29, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

  • CVE-2025-66864Dec 29, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

  • CVE-2025-66865Dec 29, 2025
    risk 0.00cvss epss 0.00

    An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

  • CVE-2025-66862Dec 29, 2025
    risk 0.00cvss epss 0.00

    A buffer overflow vulnerability in function gnu_special in file cplus-dem.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file.

  • CVE-2025-1182Feb 11, 2025
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely.…

  • CVE-2025-1181Feb 11, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity…

  • CVE-2025-1180Feb 11, 2025
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack…

  • CVE-2025-1179Feb 11, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an…

  • CVE-2025-1178Feb 11, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The…

Page 9 of 14