Page 10 of 221 results (0.009 seconds)

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 1

CVE-2019-14444

https://notcve.org/view.php?id=CVE-2019-14444

apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. La función apply_relocations en el archivo readelf.c en Binutils de GNU versión 2.32, contiene un desbordamiento de enteros que permite a los atacantes desencadenar una violación de acceso de escritura (en la función byte_put_little_endian en el archivo elfcomm.c) por medio de un archivo ELF, como es demostrado por readelf. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html https://security.gentoo.org/glsa/202007-39 https://security.netapp.com/advisory/ntap-20190822-0002 https://sourceware.org/bugzilla/show_bug.cgi?id=24829 https://usn.ubuntu.com/4336-1 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2

CVE-2019-14250

https://notcve.org/view.php?id=CVE-2019-14250

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils versión 2.32. simple_object_elf_match in simple-object-elf.c no comprueba un valor shstrndx de cero, lo que lleva a un desbordamiento de enteros y un desbordamiento de búfer basado en memoria dinámica. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html http://www.securityfocus.com/bid/109354 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924 https://gcc.gnu.org/ml/gcc • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2019-1010204 – binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

https://notcve.org/view.php?id=CVE-2019-1010204

GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened. GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) está afectado por: Validación incorrecta de entrada, comparación firmada / sin firmar, lectura fuera de límites. • https://security.netapp.com/advisory/ntap-20190822-0001 https://sourceware.org/bugzilla/show_bug.cgi?id=23765 https://support.f5.com/csp/article/K05032915?utm_source=f5support&amp%3Butm_medium=RSS https://access.redhat.com/security/cve/CVE-2019-1010204 https://bugzilla.redhat.com/show_bug.cgi?id=1735604 • CWE-125: Out-of-bounds Read CWE-681: Incorrect Conversion between Numeric Types •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2019-12972

https://notcve.org/view.php?id=CVE-2019-12972

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. Fue encontrado un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Se ha descubierto un problema en las versiones 0.7 y 0.7.1645 de GNU LibreDWG. Hay una sobrelectura de búfer basada en memoria dinámica (heap) en _bfd_doprnt in bfd.c porque elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP mediante la omisión de un carácter \0' final. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html http://www.securityfocus.com/bid/108903 https://security.gentoo.org/glsa/202007-39 https://sourceware.org/bugzilla/show_bug.cgi?id=24689 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=890f750a3b053532a4b839a2dd6243076de12031 https://usn.ubuntu.com/4336-1 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2

CVE-2019-9071

https://notcve.org/view.php?id=CVE-2019-9071

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. Se ha descubierto una vulnerabilidad en GNU libiberty, tal y como se distribuye en GNU Binutils 2.32. Es un problema de consumo de pila en d_count_templates_scopes en cp-demangle.c tras numerosas llamadas recursivas. • http://www.securityfocus.com/bid/107147 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24227 https://support.f5.com/csp/article/K02884135 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-674: Uncontrolled Recursion •