CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 0CVE-2018-7208 – binutils: Improper bounds check in coffgen.c:coff_pointerize_aux() allows for denial of service when parsing a crafted COFF file
https://notcve.org/view.php?id=CVE-2018-7208
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object. En la función coff_pointerize_aux en coffgen.c en la biblioteca Binary File Descriptor (BFD), también conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30, no se valida un índice. Esto permite que atacantes remotos provoquen una denegación de servicio (fallo de segmentación) o que pueda provocar otro tipo de impacto sin especificar mediante un archivo manipulado, tal y como demuestra un objcopy de un objeto COFF. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/103077 https://access.redhat.com/errata/RHBA-2019:0327 https://access.redhat.com/errata/RHSA-2018:3032 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22741 https://access.redhat.com/security/cve/CVE-2018-7208 https://bugzilla.redhat.com/show_bug.cgi?id=15 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 4EXPL: 0CVE-2018-6951
https://notcve.org/view.php?id=CVE-2018-6951
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. Se ha descubierto un problema hasta la versión 2.7.6 de GNU patch. Hay un fallo de segmentación, asociado con una desreferencia de puntero NULL, que conduce a una denegación de servicio (DoS) en la función intuit_diff_type en pch.c. Esto también se conoce como problema "mangled rename". • http://www.securityfocus.com/bid/103044 https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a https://savannah.gnu.org/bugs/index.php?53132 https://security.gentoo.org/glsa/201904-17 https://usn.ubuntu.com/3624-1 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0CVE-2018-6952 – patch: Double free of memory in pch.c:another_hunk() causes a crash
https://notcve.org/view.php?id=CVE-2018-6952
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. Existe una doble liberación (double free) en la función another_hunk en pch.c en GNU patch hasta la versión 2.7.6. A double-free flaw was found in the way the patch utility processed patch files. An attacker could potentially use this flaw to crash the patch utility by tricking it into processing crafted patches. • http://www.securityfocus.com/bid/103047 https://access.redhat.com/errata/RHSA-2019:2033 https://savannah.gnu.org/bugs/index.php?53133 https://security.gentoo.org/glsa/201904-17 https://access.redhat.com/security/cve/CVE-2018-6952 https://bugzilla.redhat.com/show_bug.cgi?id=1545053 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-10713 – patch: Out-of-bounds access in pch_write_line function in pch.c
https://notcve.org/view.php?id=CVE-2016-10713
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. Se ha descubierto un problema en versiones anteriores a la 2.7.6 de GNU patch. El acceso fuera de límites en pch_write_line() en pch.c puede conducir a DoS mediante un archivo de entradas manipulado. A heap-based out-of-bounds read flaw was found in the way the patch utility parsed patch files. • http://www.securityfocus.com/bid/103063 https://access.redhat.com/errata/RHSA-2019:2033 https://git.savannah.gnu.org/cgit/patch.git/commit/src/pch.c?id=a0d7fe4589651c64bd16ddaaa634030bb0455866 https://usn.ubuntu.com/3624-1 https://usn.ubuntu.com/3624-2 https://access.redhat.com/security/cve/CVE-2016-10713 https://bugzilla.redhat.com/show_bug.cgi?id=1545405 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6872
https://notcve.org/view.php?id=CVE-2018-6872
The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment. La función elf_parse_notes en elf.c en la biblioteca Binary File Descriptor (BFD), conocida como libbfd, tal y como se distribuye en GNU Binutils 2.30, permite que atacantes remotos provoquen una denegación de servicio (lectura fuera de límites y violación de segmentación) mediante una nota con una alineación larga. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00072.html http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00008.html http://www.securityfocus.com/bid/103103 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22788 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Ba=commit%3Bh=ef135d4314fd4c2d7da66b9d7b59af4a85b0f7e6 • CWE-125: Out-of-bounds Read •