CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6872 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2018-6872
09 Feb 2018 — The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment. La función elf_parse_notes en elf.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30, permite que atacantes remotos provoquen una denegación de servicio (lectura fuera de límite... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6759 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-6759
06 Feb 2018 — The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file. La función bfd_get_debug_link_info_1 en opncls.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.2,30, tiene una operación strnlen... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6543 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-6543
02 Feb 2018 — In GNU Binutils 2.30, there's an integer overflow in the function load_specific_debug_section() in objdump.c, which results in `malloc()` with 0 size. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. En GNU Binutils 2.30, hay un desbordamiento de enteros en la función load_specific_debug_section() en objdump.c, que resulta en "malloc()" con tamaño 0. Un archivo ELF manipulado permite que atacantes remotos provoquen una den... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2018-6323 – GNU binutils 2.26.1 - Integer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2018-6323
26 Jan 2018 — The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. La función elf_object_p en elfcode.h en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.2... • https://packetstorm.news/files/id/146365 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17122 – Ubuntu Security Notice USN-6413-1
https://notcve.org/view.php?id=CVE-2017-17122
04 Dec 2017 — The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. La función dump_relocs_in_section en objdump.c en GNU Binutils 2.29.1 no busca desbordamientos de conteo de enteros reloc, lo que permite que atacantes remotos causen una denegación d... • https://security.gentoo.org/glsa/201811-17 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17125 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-17125
04 Dec 2017 — nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file. nm.c y objdump.c en GNU Binutils 2.29.1 gestionan de manera incorrecta ciertos símbolos globales, lo que permite que atacantes remotos provoquen una denegación de servicio (sobrelectura del búfer _bfd_elf_get_symbol_version_string y ci... • https://security.gentoo.org/glsa/201811-17 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17121 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-17121
04 Dec 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. La biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1, permite que atacantes remotos provoquen una denegación de servicio ... • https://security.gentoo.org/glsa/201811-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17126 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-17126
04 Dec 2017 — The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers. La función load_debug_section en readelf.c en GNU Binutils 2.29.1 permite que atacantes remotos provoquen una denegación de servicio (acceso no válido a la memoria y cierre inesperado de aplicación) o, probablemente, provocar cualquier otro tipo de impacto me... • https://security.gentoo.org/glsa/201811-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-17123 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-17123
04 Dec 2017 — The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. La función coff_slurp_reloc_table en coffcode.h en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1 permite que atacantes remotos provoquen una denegación de s... • https://security.gentoo.org/glsa/201811-17 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2017-17124 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-17124
04 Dec 2017 — The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary. La función _bfd_coff_read_string_table en coffgen.c en la biblioteca Binary File De... • https://security.gentoo.org/glsa/201811-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •