
CVE-2022-44840 – Ubuntu Security Notice USN-6381-1
https://notcve.org/view.php?id=CVE-2022-44840
22 Aug 2023 — Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. It was discovered that GNU binutils incorrectly handled memory management operations in several of its functions, which could ... • https://sourceware.org/bugzilla/show_bug.cgi?id=29732 • CWE-787: Out-of-bounds Write •

CVE-2023-25584 – Out of bounds read in parse_module function in bfd/vms-alpha.c
https://notcve.org/view.php?id=CVE-2023-25584
24 May 2023 — An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils. Se encontró una falla de lectura fuera de límites en la función parse_module en bfd/vms-alpha.c en Binutils. It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. • https://access.redhat.com/security/cve/CVE-2023-25584 • CWE-125: Out-of-bounds Read •

CVE-2023-1972 – Gentoo Linux Security Advisory 202309-15
https://notcve.org/view.php?id=CVE-2023-1972
17 May 2023 — A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. • https://bugzilla.redhat.com/show_bug.cgi?id=2185646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2023-1579 – binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64
https://notcve.org/view.php?id=CVE-2023-1579
03 Apr 2023 — Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. A heap based buffer overflow was found in binutils-gdb/bfd/libbfd.c in bfd_getl64 in binutils. It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. • https://security.gentoo.org/glsa/202309-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVE-2022-38533 – Ubuntu Security Notice USN-5762-1
https://notcve.org/view.php?id=CVE-2022-38533
25 Aug 2022 — In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. En GNU Binutils versiones anteriores a 2.4.0, se presenta un desbordamiento del búfer de la pila en la función de error bfd_getl32 cuando es llamada desde la función strip_main en strip-new por medio de un archivo diseñado. It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to... • https://github.com/bminor/binutils-gdb/commit/45d92439aebd0386ef8af76e1796d08cfe457e1d • CWE-787: Out-of-bounds Write •