Gnu

Binutils

249 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-1579

Exploit
  • EPSS 0.05%
  • Veröffentlicht 03.04.2023 23:15:07
  • Zuletzt bearbeitet 13.02.2025 15:15:12

Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.

5.5

CVE-2022-4285

Exploit
  • EPSS 0.03%
  • Veröffentlicht 27.01.2023 18:15:15
  • Zuletzt bearbeitet 28.03.2025 16:15:25

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

5.5

CVE-2022-38533

  • EPSS 0.03%
  • Veröffentlicht 26.08.2022 00:15:09
  • Zuletzt bearbeitet 21.11.2024 07:16:37

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.

7.8

CVE-2021-45078

Exploit
  • EPSS 0.21%
  • Veröffentlicht 15.12.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:31:54

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists b...

7.8

CVE-2021-37322

Exploit
  • EPSS 0.24%
  • Veröffentlicht 18.11.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:14:57

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.

7.5

CVE-2021-3530

  • EPSS 0.06%
  • Veröffentlicht 02.06.2021 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:46

A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash.

7.1

CVE-2021-3549

  • EPSS 0.46%
  • Veröffentlicht 26.05.2021 21:15:08
  • Zuletzt bearbeitet 28.02.2025 13:15:24

An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The high...

7.8

CVE-2021-20294

Exploit
  • EPSS 19.16%
  • Veröffentlicht 29.04.2021 16:15:09
  • Zuletzt bearbeitet 21.11.2024 05:46:17

A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest im...

5.5

CVE-2021-20284

Exploit
  • EPSS 0.09%
  • Veröffentlicht 26.03.2021 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:46:16

A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system ava...

6.3

CVE-2021-20197

  • EPSS 0.14%
  • Veröffentlicht 26.03.2021 17:15:12
  • Zuletzt bearbeitet 21.11.2024 05:46:06

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries acros...