CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14938 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14938
29 Sep 2017 — _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. _bfd_elf_slurp_version_tables en elf.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (asignación exc... • http://www.securityfocus.com/bid/101212 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14940 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14940
29 Sep 2017 — scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. scan_unit_for_symbols en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NU... • https://blogs.gentoo.org/ago/2017/09/26/binutils-null-pointer-dereference-in-scan_unit_for_symbols-dwarf2-c • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-14939 – binutils 2.29.51.20170921 - 'read_1_byte' Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2017-14939
29 Sep 2017 — decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte. decode_line_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, gestiona de manera incorrecta un cálcu... • https://packetstorm.news/files/id/144599 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14934
https://notcve.org/view.php?id=CVE-2017-14934
29 Sep 2017 — process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure. process_debug_info en dwarf.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bucle infinito... • http://www.securityfocus.com/bid/101204 • CWE-131: Incorrect Calculation of Buffer Size CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14930 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14930
29 Sep 2017 — Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. Existe una fuga de memoria en decode_line_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, que permite que atacantes remotos provoquen una denegación de servicio (consumo de memo... • https://sourceware.org/bugzilla/show_bug.cgi?id=22191 • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14932 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14932
29 Sep 2017 — decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. decode_line_info en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo ELF manipulado. USN-4336-1 fixed s... • https://sourceware.org/bugzilla/show_bug.cgi?id=22204 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14933 – Gentoo Linux Security Advisory 201811-17
https://notcve.org/view.php?id=CVE-2017-14933
29 Sep 2017 — read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. read_formatted_entries en dwarf2.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo ELF manipulado. Multip... • http://www.securityfocus.com/bid/101203 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14745
https://notcve.org/view.php?id=CVE-2017-14745
26 Sep 2017 — The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. Las funciones *_get_synthetic_symtab en la biblioteca Binary File Descriptor (BFD) (también llamada libb... • https://sourceware.org/bugzilla/show_bug.cgi?id=22148 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14729
https://notcve.org/view.php?id=CVE-2017-14729
25 Sep 2017 — The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. Las funciones *_get_synthetic_symtab en la biblioteca Binary File Descriptor (BFD) (también llamada libbfd), tal ... • https://blogs.gentoo.org/ago/2017/09/25/binutils-heap-based-buffer-overflow-in-_bfd_x86_elf_get_synthetic_symtab-elfxx-x86-c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14529 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2017-14529
18 Sep 2017 — The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. La función pe_print_idata en peXXigen.c en la librería Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.29 y anteriores, ge... • https://sourceware.org/bugzilla/show_bug.cgi?id=22113 • CWE-125: Out-of-bounds Read •