CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8395 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-8395
01 May 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), tal como se distribuye en ... • https://security.gentoo.org/glsa/201709-02 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8396 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-8396
01 May 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), tal como se distribuye en GNU Binutils 2.28, es vul... • https://security.gentoo.org/glsa/201709-02 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8397 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-8397
01 May 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), tal como se distribuye en GNU Binutils 2.28, es vulnerable... • https://security.gentoo.org/glsa/201709-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-8398 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-8398
01 May 2017 — dwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 during dumping of debug information from a corrupt binary. This vulnerability causes programs that conduct an analysis of binary programs, such as objdump and readelf, to crash. dwarf.c en GNU Binutils 2.28 es vulnerable a una lectura no válida de tamaño 1 durante el volcado de información de debug de un binario corrupto. Esta vulnerabilidad provoca la caída del servicio en programas que analizan binarios, como objcopy y readelf. USN-43... • https://security.gentoo.org/glsa/201709-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-7614 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-7614
09 Apr 2017 — elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. elflink.c en la librería Binary File Descriptor (BFD) (también conocido como libbfd), tal como se distribuye en GNU Binutils 2.28, tiene un problema de comportamiento "acce... • https://blogs.gentoo.org/ago/2017/04/05/binutils-two-null-pointer-dereference-in-elflink-c • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7304
https://notcve.org/view.php?id=CVE-2017-7304
29 Mar 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), distribuida en GNU Binutils 2.28, es vulnerable a lecturas inválidas (de tamaño 8) debido a la falta d... • http://www.securityfocus.com/bid/97215 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7303
https://notcve.org/view.php?id=CVE-2017-7303
29 Mar 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), distribuida en GNU Binutils 2.28, es vulnerable a una lectura no válida (de tamaño 4) debido a falta de un cheque (en la función fi... • http://www.securityfocus.com/bid/97213 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7299 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-7299
29 Mar 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), distribuida en GNU Binutils 2.28, tiene una lectura no válida (de tamaño 8) porq... • http://www.securityfocus.com/bid/97217 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7300 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-7300
29 Mar 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash. "La librería Binary File Descriptor (BFD) (también conocida como libbfd), distribuida en GNU Binutils 2.28, tiene una función de aout_link_add_symbols en bfd / aoutx.h que es vu... • http://www.securityfocus.com/bid/97219 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-7301 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-7301
29 Mar 2017 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker (ld) program crash. La librería Binary File Descriptor (BFD) (también conocida como libbfd), distribuida en GNU Binutils 2.28, tiene una función aout_link_add_symbols en bfd/aoutx.h que tiene una vulnerabilidad off-by-one porque n... • http://www.securityfocus.com/bid/97218 • CWE-20: Improper Input Validation •