CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14932 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14932
29 Sep 2017 — decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. decode_line_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo ELF manipulado. USN-4336-1 fixed s... • https://sourceware.org/bugzilla/show_bug.cgi?id=22204 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14933 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-14933
29 Sep 2017 — read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. read_formatted_entries en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo ELF manipulado. Multip... • http://www.securityfocus.com/bid/101203 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14745
https://notcve.org/view.php?id=CVE-2017-14745
26 Sep 2017 — The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. Las funciones *_get_synthetic_symtab en la biblioteca Binary File Descriptor (BFD) (también llamada libb... • https://sourceware.org/bugzilla/show_bug.cgi?id=22148 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14729
https://notcve.org/view.php?id=CVE-2017-14729
25 Sep 2017 — The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. Las funciones *_get_synthetic_symtab en la biblioteca Binary File Descriptor (BFD) (también llamada libbfd), tal ... • https://blogs.gentoo.org/ago/2017/09/25/binutils-heap-based-buffer-overflow-in-_bfd_x86_elf_get_synthetic_symtab-elfxx-x86-c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14529 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14529
18 Sep 2017 — The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. La función pe_print_idata en peXXigen.c en la librería Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, ge... • https://sourceware.org/bugzilla/show_bug.cgi?id=22113 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14333 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14333
12 Sep 2017 — The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution. La función process_version_sections en readelf.c en GNU Binutils 2.29 permite que atacantes remotos provoquen una denegación de servicio (desbordamiento de enteros y bloqueo debido a un bucle largo... • https://security.gentoo.org/glsa/201801-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14129 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14129
04 Sep 2017 — The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. La función read_section en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, permite que atacantes remotos provoquen una denegación de servicio (s... • http://www.securityfocus.com/bid/100624 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14128 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14128
04 Sep 2017 — The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file. La función decode_line_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, permite que atacantes remotos provoquen una denegación de servici... • http://www.securityfocus.com/bid/100623 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14130 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14130
04 Sep 2017 — The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file. La función _bfd_elf_parse_attributes en elf-attrs.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, permite que atacantes remotos pr... • http://www.securityfocus.com/bid/100625 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13757
https://notcve.org/view.php?id=CVE-2017-13757
29 Aug 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_synthetic_symtab in elf64-x86-64.c. La biblioteca Binary File Descriptor (BFD) (también llamada libbfd), tal y como se distribuye en GNU Binutils 2.29, no valida el tama... • http://www.securityfocus.com/bid/100532 • CWE-125: Out-of-bounds Read •