VYPR

libbfd

by GNU

CVEs (31)

  • CVE-2017-15023MedOct 5, 2017
    risk 0.36cvss 5.5epss 0.02

    read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application…

  • CVE-2017-15022MedOct 5, 2017
    risk 0.36cvss 5.5epss 0.02

    dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and…

  • CVE-2017-15021MedOct 5, 2017
    risk 0.36cvss 5.5epss 0.02

    bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to…

  • CVE-2017-14974MedOct 2, 2017
    risk 0.36cvss 5.5epss 0.01

    The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and…

  • CVE-2017-14938MedSep 30, 2017
    risk 0.36cvss 5.5epss 0.02

    _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.

  • CVE-2017-14934MedSep 30, 2017
    risk 0.36cvss 5.5epss 0.01

    process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure.

  • CVE-2017-14933MedSep 30, 2017
    risk 0.36cvss 5.5epss 0.01

    read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.

  • CVE-2017-14930MedSep 30, 2017
    risk 0.36cvss 5.5epss 0.01

    Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.

  • CVE-2017-14130MedSep 4, 2017
    risk 0.36cvss 5.5epss 0.02

    The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via…

  • CVE-2017-13757MedAug 29, 2017
    risk 0.36cvss 5.5epss 0.01

    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to…

  • CVE-2017-9955MedJun 26, 2017
    risk 0.36cvss 5.5epss 0.01

    The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain…

Page 2 of 2