CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 3CVE-2018-12699 – binutils: heap-based buffer overflow in finish_stab in stabs.c
https://notcve.org/view.php?id=CVE-2018-12699
23 Jun 2018 — finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. finish_stab en stabs.c en GNU Binutils 2.30 permite que los atacantes provoquen una denegación de servicio (desbordamiento de búfer basado en memoria dinámica o heap) u otro tipo de impacto sin especificar. Esto queda demostrado con una escritura fuera... • http://www.securityfocus.com/bid/104540 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2018-12698 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-12698
23 Jun 2018 — demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. demangle_template en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.30, permite que los atacantes desencadenen un consumo de memoria excesivo (también conocido como OOM) durante la llamada XNEWVEC "Create... • http://www.securityfocus.com/bid/104539 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2018-12697 – binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.
https://notcve.org/view.php?id=CVE-2018-12697
23 Jun 2018 — A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. Se ha descubierto una desreferencia de puntero NULL (también conocida como SEGV o dirección desconocida 0x000000000000) en work_stuff_copy_to_from en cplus-dem.c en GNU libiberty, tal y como se distribuye en aGNU Binutils 2.30. Esto puede ocurrir durante la ejecución de objdump. USN-... • http://www.securityfocus.com/bid/104538 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-12641 – binutils: Stack Exhaustion in the demangling functions provided by libiberty
https://notcve.org/view.php?id=CVE-2018-12641
22 Jun 2018 — An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. Se ha descubierto un problema en arm_pt en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.30. La ... • https://access.redhat.com/errata/RHSA-2019:2075 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2018-11236 – glibc: Integer overflow in stdlib/canonicalize.c on 32-bit architectures leading to stack-based buffer overflow
https://notcve.org/view.php?id=CVE-2018-11236
18 May 2018 — stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. stdlib/canonicalize.c en GNU C Library (también conocida como glibc o libc6), en versiones 2.27 y anteriores, al procesar argumentos con un nombre de ruta muy largo en la función realpath, podría encontrarse con u... • http://www.securityfocus.com/bid/104255 • CWE-121: Stack-based Buffer Overflow CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 2CVE-2018-11237 – glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper
https://notcve.org/view.php?id=CVE-2018-11237
18 May 2018 — An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. Una implementación optimizada para AVX-512 de la función mempcpy en GNU C Library (también conocido como glibc o libc6), en versiones 2.27 y anteriores, podría escribir datos más allá del búfer objetivo, lo que desemboca en un desbordamiento de búfer en __mempcpy_avx512_no_vzeroupper. A ... • https://packetstorm.news/files/id/147870 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-18269 – Ubuntu Security Notice USN-4416-1
https://notcve.org/view.php?id=CVE-2017-18269
18 May 2018 — An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. Una implementación memmove optimiza... • https://github.com/fingolfin/memmove-bug • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 3%CPEs: 12EXPL: 3CVE-2018-0494 – GNU wget - Cookie Injection
https://notcve.org/view.php?id=CVE-2018-0494
06 May 2018 — GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line. GNU Wget en versiones anteriores a la 1.19.5 es propenso a una vulnerabilidad de inyección de cookies en la función resp_new en http.c mediante una secuencia \r\n en una línea de continuación. A cookie injection flaw was found in wget. An attacker can create a malicious website which, when accessed, overrides cookies belonging to arbitrary domains. Harry Sintonen... • https://packetstorm.news/files/id/147517 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10534 – binutils: out of bounds memory write in peXXigen.c files
https://notcve.org/view.php?id=CVE-2018-10534
29 Apr 2018 — The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c. La función ... • http://www.securityfocus.com/bid/104025 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-10535 – binutils: NULL pointer dereference in elf.c
https://notcve.org/view.php?id=CVE-2018-10535
29 Apr 2018 — The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy. La función ignore_section_sym en elf.c en la biblioteca Binary File Descriptor (BFD), también conocid... • http://www.securityfocus.com/bid/104021 • CWE-476: NULL Pointer Dereference •