Gnu

Binutils

256 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2019-9076

Exploit
  • EPSS 0.2%
  • Veröffentlicht 24.02.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:56

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.

7.8

CVE-2019-9077

Exploit
  • EPSS 0.3%
  • Veröffentlicht 24.02.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:56

An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.

6.5

CVE-2018-20712

Exploit
  • EPSS 1.05%
  • Veröffentlicht 15.01.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:00

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

5.5

CVE-2018-20673

Exploit
  • EPSS 0.12%
  • Veröffentlicht 04.01.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:57

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer ove...

5.5

CVE-2018-20671

Exploit
  • EPSS 0.11%
  • Veröffentlicht 04.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:57

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

7.5

CVE-2018-20657

Exploit
  • EPSS 0.26%
  • Veröffentlicht 02.01.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:56

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-201...

5.5

CVE-2018-20651

Exploit
  • EPSS 0.76%
  • Veröffentlicht 01.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:56

A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A special...

5.5

CVE-2018-20623

Exploit
  • EPSS 0.32%
  • Veröffentlicht 31.12.2018 19:29:00
  • Zuletzt bearbeitet 06.05.2025 18:15:35

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

7.8

CVE-2018-1000876

Exploit
  • EPSS 0.13%
  • Veröffentlicht 20.12.2018 17:29:01
  • Zuletzt bearbeitet 21.11.2024 03:40:33

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows executi...

5.5

CVE-2018-20002

Exploit
  • EPSS 0.32%
  • Veröffentlicht 10.12.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:43

The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demo...