Gnu

Binutils

262 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2017-7224

  • EPSS 0.3%
  • Veröffentlicht 22.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.

7.5

CVE-2017-7225

  • EPSS 0.43%
  • Veröffentlicht 22.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash.

9.1

CVE-2017-7226

  • EPSS 0.38%
  • Veröffentlicht 22.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to...

7.5

CVE-2017-7227

  • EPSS 0.44%
  • Veröffentlicht 22.03.2017 16:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.

9.8

CVE-2014-9939

  • EPSS 0.38%
  • Veröffentlicht 21.03.2017 06:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.

5.5

CVE-2017-7209

  • EPSS 0.31%
  • Veröffentlicht 21.03.2017 06:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.

5.5

CVE-2017-7210

  • EPSS 0.31%
  • Veröffentlicht 21.03.2017 06:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.

5.5

CVE-2017-6965

Exploit
  • EPSS 0.25%
  • Veröffentlicht 17.03.2017 09:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.

5.5

CVE-2017-6966

Exploit
  • EPSS 0.28%
  • Veröffentlicht 17.03.2017 09:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invoca...

9.1

CVE-2017-6969

Exploit
  • EPSS 0.46%
  • Veröffentlicht 17.03.2017 09:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.