Total
113 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-14940 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. | |||||
CVE-2017-14130 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
CVE-2017-14930 | 1 Gnu | 1 Binutils | 2023-12-10 | 7.1 HIGH | 5.5 MEDIUM |
Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. | |||||
CVE-2017-9954 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program. | |||||
CVE-2017-14529 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. | |||||
CVE-2017-14932 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. | |||||
CVE-2017-17123 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. | |||||
CVE-2017-15225 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. | |||||
CVE-2017-14129 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
CVE-2017-15021 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. | |||||
CVE-2017-15024 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | |||||
CVE-2017-13716 | 1 Gnu | 1 Binutils | 2023-12-10 | 7.1 HIGH | 5.5 MEDIUM |
The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd). | |||||
CVE-2017-15939 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. | |||||
CVE-2017-14128 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. | |||||
CVE-2017-13757 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. | |||||
CVE-2017-14938 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. | |||||
CVE-2017-9955 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program. | |||||
CVE-2017-14939 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte. | |||||
CVE-2017-15025 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file. | |||||
CVE-2017-15022 | 1 Gnu | 1 Binutils | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. |