Total
93 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-25584 | 1 Gnu | 1 Binutils | 2024-02-23 | N/A | 7.1 HIGH |
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils. | |||||
CVE-2022-47673 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. | |||||
CVE-2020-35342 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.5 HIGH |
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. | |||||
CVE-2022-47696 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. | |||||
CVE-2022-44840 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | |||||
CVE-2022-47695 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. | |||||
CVE-2020-19726 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 8.8 HIGH |
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. | |||||
CVE-2022-45703 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | |||||
CVE-2021-46174 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.5 HIGH |
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | |||||
CVE-2023-1579 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | |||||
CVE-2021-37322 | 1 Gnu | 2 Binutils, Gcc | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | |||||
CVE-2021-45078 | 5 Debian, Fedoraproject, Gnu and 2 more | 5 Debian Linux, Fedora, Binutils and 2 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | |||||
CVE-2021-3530 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. | |||||
CVE-2021-20294 | 1 Gnu | 1 Binutils | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. | |||||
CVE-2021-3549 | 1 Gnu | 1 Binutils | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. | |||||
CVE-2019-9077 | 4 Canonical, F5, Gnu and 1 more | 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. | |||||
CVE-2018-1000876 | 3 Canonical, Gnu, Redhat | 5 Ubuntu Linux, Binutils, Enterprise Linux Desktop and 2 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f. | |||||
CVE-2018-18483 | 1 Gnu | 1 Binutils | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. | |||||
CVE-2019-9075 | 4 Canonical, F5, Gnu and 1 more | 18 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 15 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. | |||||
CVE-2018-20657 | 2 F5, Gnu | 2 Traffix Signaling Delivery Controller, Binutils | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698. |