CVE-2022-48063
https://notcve.org/view.php?id=CVE-2022-48063
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. • https://security.netapp.com/advisory/ntap-20231006-0008 https://sourceware.org/bugzilla/show_bug.cgi?id=29924 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-47008
https://notcve.org/view.php?id=CVE-2022-47008
An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. • https://sourceware.org/bugzilla/show_bug.cgi?id=29255%20 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2022-47696
https://notcve.org/view.php?id=CVE-2022-47696
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. • https://sourceware.org/bugzilla/show_bug.cgi?id=29677 • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-25584 – Out of bounds read in parse_module function in bfd/vms-alpha.c
https://notcve.org/view.php?id=CVE-2023-25584
An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils. Se encontró una falla de lectura fuera de límites en la función parse_module en bfd/vms-alpha.c en Binutils. • https://access.redhat.com/security/cve/CVE-2023-25584 https://bugzilla.redhat.com/show_bug.cgi?id=2167467 https://security.netapp.com/advisory/ntap-20231103-0002 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=77c225bdeb410cf60da804879ad41622f5f1aa44 • CWE-125: Out-of-bounds Read •
CVE-2023-1972
https://notcve.org/view.php?id=CVE-2023-1972
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. • https://bugzilla.redhat.com/show_bug.cgi?id=2185646 https://security.gentoo.org/glsa/202309-15 https://sourceware.org/bugzilla/show_bug.cgi?id=30285 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •