Gnu

Binutils

274 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2017-6966

Exploit
  • EPSS 0.28%
  • Veröffentlicht 17.03.2017 09:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invoca...

9.1

CVE-2017-6969

Exploit
  • EPSS 0.46%
  • Veröffentlicht 17.03.2017 09:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.

5

CVE-2014-8738

Exploit
  • EPSS 7.86%
  • Veröffentlicht 15.01.2015 15:59:14
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.

3.6

CVE-2014-8737

Exploit
  • EPSS 0.07%
  • Veröffentlicht 09.12.2014 23:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) ...

7.5

CVE-2014-8504

Exploit
  • EPSS 4.32%
  • Veröffentlicht 09.12.2014 23:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

7.5

CVE-2014-8503

Exploit
  • EPSS 7.38%
  • Veröffentlicht 09.12.2014 23:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.

7.5

CVE-2014-8502

Exploit
  • EPSS 6.16%
  • Veröffentlicht 09.12.2014 23:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE ...

7.5

CVE-2014-8501

Exploit
  • EPSS 5.88%
  • Veröffentlicht 09.12.2014 23:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in ...

7.5

CVE-2014-8485

Medienbericht Exploit
  • EPSS 3.54%
  • Veröffentlicht 09.12.2014 23:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.

5

CVE-2014-8484

  • EPSS 2.02%
  • Veröffentlicht 09.12.2014 23:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.