CVE-2019-12972
https://notcve.org/view.php?id=CVE-2019-12972
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. Fue encontrado un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en _bfd_doprnt in bfd.c porque elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP mediante la omisión de un carácter \0' final. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html http://www.securityfocus.com/bid/108903 https://security.gentoo.org/glsa/202007-39 https://sourceware.org/bugzilla/show_bug.cgi?id=24689 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=890f750a3b053532a4b839a2dd6243076de12031 https://usn.ubuntu.com/4336-1 • CWE-125: Out-of-bounds Read •
CVE-2019-9071
https://notcve.org/view.php?id=CVE-2019-9071
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils 2.32. Es un problema de consumo de pila en d_count_templates_scopes en cp-demangle.c tras numerosas llamadas recursivas. • http://www.securityfocus.com/bid/107147 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24227 https://support.f5.com/csp/article/K02884135 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-674: Uncontrolled Recursion •
CVE-2019-9076
https://notcve.org/view.php?id=CVE-2019-9076
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un intento de asignación de memoria excesiva en elf_read_notes en elf.c. • https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24238 https://support.f5.com/csp/article/K44650639 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-9070
https://notcve.org/view.php?id=CVE-2019-9070
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils 2.32. Es una sobrelectura de búfer basada en memoria dinámica (heap) en d_expression_1 en cp-demangle.c tras numerosas llamadas recursivas. • http://www.securityfocus.com/bid/107147 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24229 https://support.f5.com/csp/article/K13534168 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-125: Out-of-bounds Read •
CVE-2019-9072
https://notcve.org/view.php?id=CVE-2019-9072
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un intento de asignación de memoria excesiva en setup_group en elf.c. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89396 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24232 https://sourceware.org/bugzilla/show_bug.cgi?id=24237 https://support.f5.com/csp/article/K12541829 • CWE-770: Allocation of Resources Without Limits or Throttling •