CVE-2018-10372 – binutils: Heap-base buffer over-read in dwarf.c:process_cu_tu_index() allows for denial of service via crafted file
https://notcve.org/view.php?id=CVE-2018-10372
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf. process_cu_tu_index en dwarf.c en GNU Binutils 2.30 permite a los atacantes remotos provocar una denegación de servicio (sobrelectura de búfer basado en montículos y fallo de aplicación) mediante un archivo binario manipulado, tal y como demuestra readelf. • http://www.securityfocus.com/bid/103976 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3032 https://security.gentoo.org/glsa/201908-01 https://sourceware.org/bugzilla/show_bug.cgi?id=23064 https://usn.ubuntu.com/4336-1 https://access.redhat.com/security/cve/CVE-2018-10372 https://bugzilla.redhat.com/show_bug.cgi?id=1573356 • CWE-125: Out-of-bounds Read •
CVE-2018-9996
https://notcve.org/view.php?id=CVE-2018-9996
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression. Se ha descubierto una vulnerabilidad en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.30. La pila se agota en las funciones de demangling en C++ proporcionadas por libiberty y hay tramas de pila recursivas: demangle_template_value_parm, demangle_integral_value y demangle_expression. • http://www.securityfocus.com/bid/103733 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304 • CWE-674: Uncontrolled Recursion •
CVE-2018-9138
https://notcve.org/view.php?id=CVE-2018-9138
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_nested_args, demangle_args, do_arg, and do_type. Se ha descubierto una vulnerabilidad en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.29 y 2.30. Se produce un agotamiento de pila en las funciones de demangling en C++ proporcionadas por libiberty y hay tramas de pila recursivas: demangle_nested_args, demangle_args, do_arg y do_type. • https://sourceware.org/bugzilla/show_bug.cgi?id=23008 https://usn.ubuntu.com/4326-1 https://usn.ubuntu.com/4336-1 • CWE-674: Uncontrolled Recursion •
CVE-2018-8945 – binutils: Crash in elf.c:bfd_section_from_shdr() with crafted executable
https://notcve.org/view.php?id=CVE-2018-8945
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. **RECHAZADA** NO USAR ESTE NÚMERO DE CANDIDATO. ConsultIDs: ninguna. Motivo: Este candidato estaba en un grupo de CNA que no estaba asignado a ningún problema durante 2017. Notas: ninguna. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3032 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22809 https://usn.ubuntu.com/4336-1 https://access.redhat.com/security/cve/CVE-2018-8945 https://bugzilla.redhat.com/show_bug.cgi?id=1560827 • CWE-20: Improper Input Validation CWE-400: Uncontrolled Resource Consumption •
CVE-2018-7642 – binutils: NULL pointer dereference in swap_std_reloc_in function in aoutx.h resulting in crash
https://notcve.org/view.php?id=CVE-2018-7642
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy. La funcíon swap_std_reloc_in en aoutx.h en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30 y anteriores permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL en aout_32_swap_std_reloc_out y cierre inesperado de la aplicación) mediante un archivo ELF manipulado, tal y como demuestra objcopy. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3032 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22887 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=116acb2c268c89c89186673a7c92620d21825b25 https://access.redhat.com/security/cve/CVE-2018-7642 htt • CWE-476: NULL Pointer Dereference •