CVE-2022-47008
https://notcve.org/view.php?id=CVE-2022-47008
An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. • https://sourceware.org/bugzilla/show_bug.cgi?id=29255%20 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-46174
https://notcve.org/view.php?id=CVE-2021-46174
Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. Desbordamiento de búfer basado en el montículo en la función bfd_getl32 de Binutils objdump 3.37. • https://sourceware.org/bugzilla/show_bug.cgi?id=28753 • CWE-787: Out-of-bounds Write •
CVE-2020-19724
https://notcve.org/view.php?id=CVE-2020-19724
A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command. Un problema de consumo de memoria en la función get_data en binutils/nm.c en GNU nm antes de la versión 2.34 permite a los atacantes causar una denegación de servicio a través de un comando manipulado. • https://sourceware.org/bugzilla/show_bug.cgi?id=25362 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=805f38bc551de820bcd7b31d3c5731ae27cf853a • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2020-19726
https://notcve.org/view.php?id=CVE-2020-19726
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. Se ha descubierto un problema en binutils libbfd.c 2.36 relacionado con los datos de símbolos auxiliares que permite a los atacantes leer o escribir en la memoria del sistema o provocar una denegación de servicio. • https://sourceware.org/bugzilla/show_bug.cgi?id=26240 https://sourceware.org/bugzilla/show_bug.cgi?id=26241 •
CVE-2022-48063
https://notcve.org/view.php?id=CVE-2022-48063
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. • https://security.netapp.com/advisory/ntap-20231006-0008 https://sourceware.org/bugzilla/show_bug.cgi?id=29924 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd • CWE-400: Uncontrolled Resource Consumption •