CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15225 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15225
10 Oct 2017 — _bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. _bfd_dwarf2_cleanup_debug_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, permite que atacantes remotos provoquen una denegación de servicio (fuga de memoria) mediante un archivo ELF manipulado. USN... • https://sourceware.org/bugzilla/show_bug.cgi?id=22212 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15022 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15022
04 Oct 2017 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. La función dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, no... • https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15020 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15020
04 Oct 2017 — dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read. dwarf1.c en la biblioteca Binary File Descriptor (BFD) (también llamada libbfd), tal y como se distribuye en GNU Binutils 2.29, no gestiona... • https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15024 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15024
04 Oct 2017 — find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. find_abstract_instance_name en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, permite que atacantes remotos provoquen una denegación de servicio (recursión infinita y cierre inesp... • https://blogs.gentoo.org/ago/2017/10/03/binutils-infinite-loop-in-find_abstract_instance_name-dwarf2-c • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15025 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15025
04 Oct 2017 — decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted ELF file. decode_line_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, permite que atacantes remotos provoquen una denegación de servicio (error de división entre cero y cierre inesperado de l... • https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c • CWE-369: Divide By Zero •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15023 – Gentoo Linux Security Advisory 201801-01
https://notcve.org/view.php?id=CVE-2017-15023
04 Oct 2017 — read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. read_formatted_entries en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, no valida correctamente el... • http://www.securityfocus.com/bid/101611 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15021 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15021
04 Oct 2017 — bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. La función bfd_get_debug_link_info_1 en opncls.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, permite que atacantes remotos provoquen una denegación de serv... • https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-bfd_getl32-opncls-c • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14974
https://notcve.org/view.php?id=CVE-2017-14974
01 Oct 2017 — The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. Las funciones *_get_synthetic_symtab de la biblioteca Binary File Descriptor (BFD) (también llamada libbfd), tal y como se distribuye en GNU Binut... • https://sourceware.org/bugzilla/show_bug.cgi?id=22163 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14938 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14938
29 Sep 2017 — _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. _bfd_elf_slurp_version_tables en elf.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (asignación exc... • http://www.securityfocus.com/bid/101212 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14940 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14940
29 Sep 2017 — scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. scan_unit_for_symbols en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NU... • https://blogs.gentoo.org/ago/2017/09/26/binutils-null-pointer-dereference-in-scan_unit_for_symbols-dwarf2-c • CWE-476: NULL Pointer Dereference •