CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-48065 – Ubuntu Security Notice USN-6655-1
https://notcve.org/view.php?id=CVE-2022-48065
22 Aug 2023 — GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could... • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLZXZXFX2ZWTDU2QZUSZG36LZZVTKUVG • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35342 – Ubuntu Security Notice USN-6381-1
https://notcve.org/view.php?id=CVE-2020-35342
22 Aug 2023 — GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of service. It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to ... • https://security.netapp.com/advisory/ntap-20231006-0009 • CWE-665: Improper Initialization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-19724 – Ubuntu Security Notice USN-6381-1
https://notcve.org/view.php?id=CVE-2020-19724
22 Aug 2023 — A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command. Un problema de consumo de memoria en la función get_data en binutils/nm.c en GNU nm antes de la versión 2.34 permite a los atacantes causar una denegación de servicio a través de un comando manipulado. It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of service. It was... • https://sourceware.org/bugzilla/show_bug.cgi?id=25362 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2020-19726 – Ubuntu Security Notice USN-6544-1
https://notcve.org/view.php?id=CVE-2020-19726
22 Aug 2023 — An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. Se ha descubierto un problema en binutils libbfd.c 2.36 relacionado con los datos de símbolos auxiliares que permite a los atacantes leer o escribir en la memoria del sistema o provocar una denegación de servicio. It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a ... • https://sourceware.org/bugzilla/show_bug.cgi?id=26240 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-21490
https://notcve.org/view.php?id=CVE-2020-21490
22 Aug 2023 — An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled. • https://security.netapp.com/advisory/ntap-20230929-0007 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-32256
https://notcve.org/view.php?id=CVE-2021-32256
18 Jul 2023 — An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. • https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25584 – Out of bounds read in parse_module function in bfd/vms-alpha.c
https://notcve.org/view.php?id=CVE-2023-25584
24 May 2023 — An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils. Se encontró una falla de lectura fuera de límites en la función parse_module en bfd/vms-alpha.c en Binutils. It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. • https://access.redhat.com/security/cve/CVE-2023-25584 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-25588 – Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab`
https://notcve.org/view.php?id=CVE-2023-25588
24 May 2023 — A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service. Se encontró una falla en Binutils. El campo `the_bfd` de `asymbol`struct no está inicializado en la función `bfd_mach_o_get_synthetic_symtab`, lo que puede provocar un bloqueo de la aplicación y una denegación de servicio local. It was discovered that GNU binutils incorrectly handled certain DWARF files. • https://access.redhat.com/security/cve/CVE-2023-25588 • CWE-457: Use of Uninitialized Variable CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1972 – Gentoo Linux Security Advisory 202309-15
https://notcve.org/view.php?id=CVE-2023-1972
17 May 2023 — A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. • https://bugzilla.redhat.com/show_bug.cgi?id=2185646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1579 – binutils: Heap-buffer-overflow binutils-gdb/bfd/libbfd.c in bfd_getl64
https://notcve.org/view.php?id=CVE-2023-1579
03 Apr 2023 — Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. A heap based buffer overflow was found in binutils-gdb/bfd/libbfd.c in bfd_getl64 in binutils. It was discovered that GNU binutils incorrectly handled certain DWARF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 22.10. • https://security.gentoo.org/glsa/202309-15 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •