CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2017-12448 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-12448
04 Aug 2017 — The bfd_cache_close function in bfd/cache.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a heap use after free and possibly achieve code execution via a crafted nested archive file. This issue occurs because incorrect functions are called during an attempt to release memory. The issue can be addressed by better input validation in the bfd_generic_archive_p function in bfd/archive.c. • https://sourceware.org/bugzilla/show_bug.cgi?id=21787 • CWE-416: Use After Free
CVSS: 7.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2017-12456 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-12456
04 Aug 2017 — The read_symbol_stabs_debugging_info function in rddbg.c in GNU Binutils 2.29 and earlier allows remote attackers to cause an out of bounds heap read via a crafted binary file. USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16... • https://security.gentoo.org/glsa/201801-01 • CWE-125: Out-of-bounds Read
CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2017-9954 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-9954
26 Jun 2017 — The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program. • http://www.securityfocus.com/bid/99307 • CWE-125: Out-of-bounds Read
CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0 • CVE-2017-9955
https://notcve.org/view.php?id=CVE-2017-9955
26 Jun 2017 — The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program. • http://www.securityfocus.com/bid/99573 • CWE-125: Out-of-bounds Read
CVSS: 9.8 • EPSS: 2% • CPEs: 1 • EXPL: 2 • CVE-2017-9742 – GNU binutils - 'print_insn_score16' Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-9742
19 Jun 2017 — The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. • https://packetstorm.news/files/id/143051 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0 • CVE-2017-9743
https://notcve.org/view.php?id=CVE-2017-9743
19 Jun 2017 — The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. • http://www.securityfocus.com/bid/99106 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0 • CVE-2017-9744 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-9744
19 Jun 2017 — The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. • http://www.securityfocus.com/bid/99108 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0 • CVE-2017-9745 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-9745
19 Jun 2017 — The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. • http://www.securityfocus.com/bid/99109 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 9.8 • EPSS: 4% • CPEs: 1 • EXPL: 2 • CVE-2017-9746 – GNU binutils - 'disassemble_bytes' Heap Overflow
https://notcve.org/view.php?id=CVE-2017-9746
19 Jun 2017 — The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during "objdump -D" execution. • https://packetstorm.news/files/id/143047 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS: 9.8 • EPSS: 2% • CPEs: 1 • EXPL: 2 • CVE-2017-9747 – GNU binutils - 'bfd_get_string' Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-9747
19 Jun 2017 — The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug. • https://packetstorm.news/files/id/143048 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
