CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10373 – binutils: NULL pointer dereference in dwarf2.c:concat_filename() allows for denial of service via crafted file
https://notcve.org/view.php?id=CVE-2018-10373
25 Apr 2018 — concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new. concat_filename en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30 y anteriores permite que atacantes remotos provoquen una denegación de servicio (desrefere... • http://www.securityfocus.com/bid/104000 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-9996
https://notcve.org/view.php?id=CVE-2018-9996
10 Apr 2018 — An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression. Se ha descubierto una vulnerabilidad en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.30. La pila se agota en las funciones de demangling en C++ proporcionadas por libiberty y hay tramas de pila... • http://www.securityfocus.com/bid/103733 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-9138 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-9138
30 Mar 2018 — An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. Se ha descubierto una vulnerabilidad en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.29 y 2.30. Se produce un agotamiento de pila en las funciones de demangling en C++ proporcionadas por libiberty y hay tra... • https://sourceware.org/bugzilla/show_bug.cgi?id=23008 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-8945 – binutils: Crash in elf.c:bfd_section_from_shdr() with crafted executable
https://notcve.org/view.php?id=CVE-2018-8945
22 Mar 2018 — The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. **RECHAZADA** NO USAR ESTE NÚMERO DE CANDIDATO. ConsultIDs: ninguna. Motivo: Este candidato estaba en un grupo de CNA que no estaba asignado a ningún problema durante 2017. Notas: ninguna. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7642 – binutils: NULL pointer dereference in swap_std_reloc_in function in aoutx.h resulting in crash
https://notcve.org/view.php?id=CVE-2018-7642
02 Mar 2018 — The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy. La funcíon swap_std_reloc_in en aoutx.h en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30 y anteriores permite que atacantes remo... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7643 – binutils: Integer overflow in the display_debug_ranges function resulting in crash
https://notcve.org/view.php?id=CVE-2018-7643
02 Mar 2018 — The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump. La función display_debug_ranges en dwarf.c en GNU Binutils 2.30 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de enteros y caída de aplicación) o, probablemente, provocar cualquier otro tipo de problema mediante un archiv... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-7568 – binutils: integer overflow via an ELF file with corrupt dwarf1 debug information in libbfd library
https://notcve.org/view.php?id=CVE-2018-7568
28 Feb 2018 — The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm. La función parse_die en dwarf1.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30, permite que atacantes remotos provoquen una denegación de ser... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2018-7569 – binutils: integer underflow or overflow via an ELF file with a corrupt DWARF FORM block in libbfd library
https://notcve.org/view.php?id=CVE-2018-7569
28 Feb 2018 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm. dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30, permite que atacantes remotos provoquen una denegación de servicio (desbordamiento o subdesbordamiento ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7570 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2018-7570
28 Feb 2018 — The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy. La función assign_file_positions_for_non_load_sections en elf.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se d... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-7208 – binutils: Improper bounds check in coffgen.c:coff_pointerize_aux() allows for denial of service when parsing a crafted COFF file
https://notcve.org/view.php?id=CVE-2018-7208
18 Feb 2018 — In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. En la función coff_pointerize_aux en coffgen.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GN... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-20: Improper Input Validation •