CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9074
https://notcve.org/view.php?id=CVE-2019-9074
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es una lectura fuera de límites que conduce a un SEGV en bfd_getl32 en libbfd.c, cuando se llama desde pex64_get_runtime_function en pei-x86_64.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24235 https://support.f5.com/csp/article/K09092524 https://usn.ubuntu.com/4336-1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 1CVE-2019-9075
https://notcve.org/view.php?id=CVE-2019-9075
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un desbordamiento de búfer basado en memoria dinámica (heap) en _bfd_archive_64_bit_slurp_armap en archive64.c. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24236 https://support.f5.com/csp/article/K42059040 https://usn.ubuntu.com/4336-1 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2019-9076
https://notcve.org/view.php?id=CVE-2019-9076
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.32. Es un intento de asignación de memoria excesiva en elf_read_notes en elf.c. • https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24238 https://support.f5.com/csp/article/K44650639 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-9077
https://notcve.org/view.php?id=CVE-2019-9077
An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. Se ha descubierto un problema en GNU Binutils 2.32. Es un desbordamiento de búfer basado en memoria dinámica (heap) en process_mips_specific en readelf.c mediante una sección de opción MIPS mal formada. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html http://www.securityfocus.com/bid/107139 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20190314-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=24243 https://support.f5.com/csp/article/K00056379 https://usn.ubuntu.com/4336-1 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-20712
https://notcve.org/view.php?id=CVE-2018-20712
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt. Existe una sobrelectura de búfer basada en memoria dinámica (heap) en la función d_expression_1 en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31.1. Una entrada manipulada puede causar fallos de segmentación, conduciendo a una denegación de servicio (DoS), tal y como queda demostrado con c++filt. • http://www.securityfocus.com/bid/106563 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629 https://sourceware.org/bugzilla/show_bug.cgi?id=24043 https://support.f5.com/csp/article/K38336243 • CWE-125: Out-of-bounds Read •