CVE-2022-45703
https://notcve.org/view.php?id=CVE-2022-45703
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. • https://security.netapp.com/advisory/ntap-20231006-0003 https://sourceware.org/bugzilla/show_bug.cgi?id=29799 • CWE-787: Out-of-bounds Write •
CVE-2022-47695
https://notcve.org/view.php?id=CVE-2022-47695
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. • https://sourceware.org/bugzilla/show_bug.cgi?id=29846 • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-48064
https://notcve.org/view.php?id=CVE-2022-48064
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XKYUAIORNQ32IZUOZFURECZKEXOHX7Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSUNHSOWWLLNGHRM5TUBNCJHEYHPDX2M https://security.netapp.com/advisory/ntap-20231006-0008 https://sourceware.org/bugzilla/show_bug.cgi?id=29922 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-48065
https://notcve.org/view.php?id=CVE-2022-48065
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLZXZXFX2ZWTDU2QZUSZG36LZZVTKUVG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KGSKF4GH7425S6XFDQMWTJGD5U47BAZN https://security.netapp.com/advisory/ntap-20231006-0008 https://sourceware.org/bugzilla/show_bug.cgi?id=29925 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=d28fbc7197ba0e021a43f873eff90b05dcdcff6a • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2020-19189
https://notcve.org/view.php?id=CVE-2020-19189
Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. Vulnerabilidad de Buffer Overflow en la función "postprocess_terminfo" en tinfo/parse_entry.c:997 en ncurses v6.1 que permite a atacantes remotos causar una denegación de servicios a través de un comando manipulado. • http://seclists.org/fulldisclosure/2023/Dec/10 http://seclists.org/fulldisclosure/2023/Dec/11 http://seclists.org/fulldisclosure/2023/Dec/9 https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md https://lists.debian.org/debian-lts-announce/2023/09/msg00033.html https://security.netapp.com/advisory/ntap-20231006-0005 https://support.apple.com/kb/HT214036 https://support.apple.com/kb/HT214037 https://support.apple.com/kb/HT214038 • CWE-787: Out-of-bounds Write •