Vulnerabilities (CVE)

Filtered by vendor Gnu Subscribe
Filtered by product Binutils
Total 93 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-25584 1 Gnu 1 Binutils 2024-02-23 N/A 7.1 HIGH
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.
CVE-2022-47673 1 Gnu 1 Binutils 2023-12-10 N/A 7.8 HIGH
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.
CVE-2020-35342 1 Gnu 1 Binutils 2023-12-10 N/A 7.5 HIGH
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak.
CVE-2022-47696 1 Gnu 1 Binutils 2023-12-10 N/A 7.8 HIGH
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.
CVE-2022-44840 1 Gnu 1 Binutils 2023-12-10 N/A 7.8 HIGH
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
CVE-2022-47695 1 Gnu 1 Binutils 2023-12-10 N/A 7.8 HIGH
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.
CVE-2020-19726 1 Gnu 1 Binutils 2023-12-10 N/A 8.8 HIGH
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.
CVE-2022-45703 1 Gnu 1 Binutils 2023-12-10 N/A 7.8 HIGH
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
CVE-2021-46174 1 Gnu 1 Binutils 2023-12-10 N/A 7.5 HIGH
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.
CVE-2023-1579 1 Gnu 1 Binutils 2023-12-10 N/A 7.8 HIGH
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.
CVE-2021-37322 1 Gnu 2 Binutils, Gcc 2023-12-10 6.8 MEDIUM 7.8 HIGH
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
CVE-2021-45078 5 Debian, Fedoraproject, Gnu and 2 more 5 Debian Linux, Fedora, Binutils and 2 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699.
CVE-2021-3530 2 Gnu, Netapp 2 Binutils, Ontap Select Deploy Administration Utility 2023-12-10 5.0 MEDIUM 7.5 HIGH
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.
CVE-2021-20294 1 Gnu 1 Binutils 2023-12-10 6.8 MEDIUM 7.8 HIGH
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability.
CVE-2021-3549 1 Gnu 1 Binutils 2023-12-10 5.8 MEDIUM 7.1 HIGH
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
CVE-2019-9077 4 Canonical, F5, Gnu and 1 more 4 Ubuntu Linux, Traffix Signaling Delivery Controller, Binutils and 1 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.
CVE-2018-1000876 3 Canonical, Gnu, Redhat 5 Ubuntu Linux, Binutils, Enterprise Linux Desktop and 2 more 2023-12-10 4.6 MEDIUM 7.8 HIGH
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
CVE-2018-18483 1 Gnu 1 Binutils 2023-12-10 6.8 MEDIUM 7.8 HIGH
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt.
CVE-2019-9075 4 Canonical, F5, Gnu and 1 more 18 Ubuntu Linux, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 15 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.
CVE-2018-20657 2 F5, Gnu 2 Traffix Signaling Delivery Controller, Binutils 2023-12-10 5.0 MEDIUM 7.5 HIGH
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.