CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16830 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-16830
15 Nov 2017 — The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. La función GNU Binutils en readelf.c en GNU Binutils 2.29.1 no tiene protección contra desbordamientos de enteros en plataformas de 32 bits, lo que permite que atacantes remotos provoquen una denegación d... • http://www.securityfocus.com/bid/101941 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16827 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16827
15 Nov 2017 — The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. La función aout_get_external_symbols en aoutx.h en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29.1 permite que atacantes remotos p... • https://security.gentoo.org/glsa/201811-17 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16829 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-16829
15 Nov 2017 — The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. La función _bfd_elf_parse_gnu_properties en elf-properties.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se dist... • https://security.gentoo.org/glsa/201811-17 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-16828 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-16828
15 Nov 2017 — The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. La función display_debug_frames en dwarf.c en GNU Binutils 2.29.1 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de enteros, sobrelectura de búfer basada en memoria dinámica o heap y ci... • https://security.gentoo.org/glsa/201811-17 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15996 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15996
29 Oct 2017 — elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions. elfcomm.c en readelf en GNU Binutils 2.29 permite que atacantes remotos provoquen una denegación ... • http://www.securityfocus.com/bid/101608 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15939 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15939
27 Oct 2017 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023. dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y ant... • http://www.securityfocus.com/bid/101613 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15938 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15938
27 Oct 2017 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). dwarf2.c en la librería Binary File Descriptor (BFD) (también conocida como libbfd), tal y como viene distribuido en GNU Binutils 2.29, calcula de manera incorrecta las refe... • http://www.securityfocus.com/bid/101610 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15225 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15225
10 Oct 2017 — _bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file. _bfd_dwarf2_cleanup_debug_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, permite que atacantes remotos provoquen una denegación de servicio (fuga de memoria) mediante un archivo ELF manipulado. USN... • https://sourceware.org/bugzilla/show_bug.cgi?id=22212 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15022 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15022
04 Oct 2017 — dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. La función dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29, no... • https://blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-bfd_hash_hash-hash-c • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-15020 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-15020
04 Oct 2017 — dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read. dwarf1.c en la biblioteca Binary File Descriptor (BFD) (también llamada libbfd), tal y como se distribuye en GNU Binutils 2.29, no gestiona... • https://blogs.gentoo.org/ago/2017/10/03/binutils-heap-based-buffer-overflow-in-parse_die-dwarf1-c • CWE-125: Out-of-bounds Read •