Page 43 of 460 results (0.013 seconds)

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1

There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34. Se presenta un fallo en el archivo /bfd/pef.c de binutils. • https://bugzilla.redhat.com/show_bug.cgi?id=1911441 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-476: NULL Pointer Dereference •

CVSS: 6.1EPSS: 0%CPEs: 9EXPL: 1

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34. Se presenta un fallo en el archivo /opcodes/tic4x-dis.c de binutils. • https://bugzilla.redhat.com/show_bug.cgi?id=1911439 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34. Se presenta un fallo en el archivo bfd/pef.c de binutils. Un atacante que pueda enviar un archivo PEF diseñado para que sea analizado por objdump podría causar un desbordamiento del búfer de pila -) lectura fuera de límites que podría tener un impacto en la disponibilidad de la aplicación. • https://bugzilla.redhat.com/show_bug.cgi?id=1911437 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KOK3QWSVOUJWJ54HVGIFWNLWQ5ZY4S6 https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210212-0007 • CWE-20: Improper Input Validation •

CVSS: 7.1EPSS: 2%CPEs: 11EXPL: 0

The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. La funcionalidad iconv en la biblioteca GNU C (también se conoce como glibc o libc6) versiones hasta 2.32, cuando se procesan secuencias de entrada multibyte no válidas en la codificación EUC-KR, puede tener una lectura excesiva del búfer. A flaw was found in glibc. When processing input in the EUC-KR encoding, an invalid input sequence could cause glibc to read beyond the end of a buffer, resulting in a segmentation fault. The highest threat from this vulnerability is to system availability. • https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7%40%3Cdev.kafka.apache.org%3E https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9%40%3Cjira.kafka.apache.org%3E https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff%40%3Cj • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. Se detectó un problema en la biblioteca Binary File Descriptor (BFD) (también se conoce como libbfd), distribuida en GNU Binutils versión 2.35.1. Una lectura excesiva de búfer en la región heap de la memoria puede ocurrir en la función bfd_getl_signed_32 en el archivo libbfd.c porque sh_entsize no está comprobado en la función _bfd_elf_slurp_secondary_reloc_section en el archivo elf.c • https://security.gentoo.org/glsa/202107-24 https://security.netapp.com/advisory/ntap-20210129-0008 https://sourceware.org/bugzilla/show_bug.cgi?id=26574 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=8642dafaef21aa6747cec01df1977e9c52eb4679 https://access.redhat.com/security/cve/CVE-2020-35448 https://bugzilla.redhat.com/show_bug.cgi?id=1950478 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •