Total
224 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-32256 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 6.5 MEDIUM |
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | |||||
CVE-2022-47011 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | |||||
CVE-2023-25586 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service. | |||||
CVE-2021-46174 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.5 HIGH |
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | |||||
CVE-2022-35205 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | |||||
CVE-2023-1579 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 7.8 HIGH |
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | |||||
CVE-2023-1972 | 1 Gnu | 1 Binutils | 2023-12-10 | N/A | 6.5 MEDIUM |
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | |||||
CVE-2022-4285 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Binutils, Enterprise Linux | 2023-12-10 | N/A | 5.5 MEDIUM |
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | |||||
CVE-2022-38533 | 2 Fedoraproject, Gnu | 2 Fedora, Binutils | 2023-12-10 | N/A | 5.5 MEDIUM |
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | |||||
CVE-2021-37322 | 1 Gnu | 2 Binutils, Gcc | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | |||||
CVE-2021-45078 | 5 Debian, Fedoraproject, Gnu and 2 more | 5 Debian Linux, Fedora, Binutils and 2 more | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | |||||
CVE-2021-3530 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. | |||||
CVE-2021-20284 | 2 Gnu, Netapp | 3 Binutils, Cloud Backup, Ontap Select Deploy Administration Utility | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. | |||||
CVE-2021-20294 | 1 Gnu | 1 Binutils | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. | |||||
CVE-2021-3549 | 1 Gnu | 1 Binutils | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. | |||||
CVE-2021-20197 | 4 Broadcom, Gnu, Netapp and 1 more | 6 Brocade Fabric Operating System Firmware, Binutils, Cloud Backup and 3 more | 2023-12-10 | 3.3 LOW | 6.3 MEDIUM |
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. | |||||
CVE-2020-16592 | 3 Fedoraproject, Gnu, Netapp | 3 Fedora, Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | |||||
CVE-2020-35448 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | 4.3 MEDIUM | 3.3 LOW |
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. | |||||
CVE-2020-16590 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. | |||||
CVE-2020-16591 | 2 Gnu, Netapp | 2 Binutils, Ontap Select Deploy Administration Utility | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. |