CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18484 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18484
18 Oct 2018 — An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. La pila se agota en las funciones demangling en C++ proporcionadas por libiberty y ... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-18309 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-18309
15 Oct 2018 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. Se ha descubierto un problema en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distri... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17985 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-17985
04 Oct 2018 — An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters. Se ha descubierto una vulnerabilidad en cp-demangle.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay un problema de consumo de pila causado por la función cplus_demangle_type que hace llamadas recursivas a sí misma en determinada... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17794 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-17794
30 Sep 2018 — An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. Se ha descubierto una vulnerabilidad en cplus-dem.c en GNU libiberty, tal y como se distribuye en GNU Binutils 2.31. Hay una desreferencia de puntero NULL enwork_stuff_copy_to_from al ser llamado desde iterate_demangle_function. USN-4336-1 fixed several vulnerabilities in GNU binutils. • https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17358 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-17358
23 Sep 2018 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. Se ha detectado una vulnerabilidad en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Existe un acceso a memoria no válid... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17359 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-17359
23 Sep 2018 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. Se ha detectado una vulnerabilidad en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Existe un acceso a memoria no válida en bfd_zalloc en opnc... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-17360 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-17360
23 Sep 2018 — An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. Se ha detectado una vulnerabilidad en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.31. Una sobrelectura de búfer basada en memo... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-13033 – binutils: Uncontrolled Resource Consumption in execution of nm
https://notcve.org/view.php?id=CVE-2018-13033
01 Jul 2018 — The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. La biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30 y anteriores permite que atacantes remotos provoquen... • http://www.securityfocus.com/bid/104584 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2018-12934 – Ubuntu Security Notice USN-4336-2
https://notcve.org/view.php?id=CVE-2018-12934
28 Jun 2018 — remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt. remember_Ktype en cplus-dem.c en GNU libiberty, tal y como viene distribuido en GNU Binutils 2.30, permite que los atacantes desencadenen un consumo de memoria excesivo (también conocido como OOM). Esto puede ocurrir durante la ejecución de cxxfilt. USN-4336-1 fixed several vulnerabilities in GNU binutils. This up... • https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763101 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 3CVE-2018-12697 – binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.
https://notcve.org/view.php?id=CVE-2018-12697
23 Jun 2018 — A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. Se ha descubierto una desreferencia de puntero NULL (también conocida como SEGV o dirección desconocida 0x000000000000) en work_stuff_copy_to_from en cplus-dem.c en GNU libiberty, tal y como se distribuye en aGNU Binutils 2.30. Esto puede ocurrir durante la ejecución de objdump. USN-... • http://www.securityfocus.com/bid/104538 • CWE-476: NULL Pointer Dereference •