CVE-2014-8504Improper Restriction of Operations within the Bounds of a Memory Buffer in Binutils

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-121Stack-based Buffer Overflow17 documents8 sources
Severity
7.5HIGHNVD
EPSS
5.8%
top 9.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
GNU BinutilsCanonical Ubuntu LinuxFedoraproject Fedora
Timeline
PublishedDec 9
Latest updateMay 17

Description

Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

Debiangnu/binutils< 2.24.90.20141104-1+3
NVDgnu/binutils2.24

Also affects: Fedora 19, 20, 21, Ubuntu Linux 10.04, 12.04, 14.04, 14.10

🔴Vulnerability Details

3
GHSA
GHSA-mc28-wwxw-q97x: Stack-based buffer overflow in the srec_scan function in bfd/srec2022-05-17
OSV
CVE-2014-8504: Stack-based buffer overflow in the srec_scan function in bfd/srec2014-12-09
CVEList
CVE-2014-8504: Stack-based buffer overflow in the srec_scan function in bfd/srec2014-12-09

📋Vendor Advisories

3
Ubuntu
GNU binutils vulnerabilities2015-02-09
Red Hat
binutils: stack overflow in the SREC parser2014-10-27
Debian
CVE-2014-8504: binutils - Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binut...2014

💬Community

10
Bugzilla
CVE-2014-8504 arm-none-eabi-binutils-cs: binutils: stack overflow in the SREC parser [fedora-all]2014-11-11
Bugzilla
CVE-2014-8504 binutils: stack overflow in the SREC parser [fedora-all]2014-11-11
Bugzilla
CVE-2014-8504 msp430-binutils: binutils: stack overflow in the SREC parser [fedora-all]2014-11-11
Bugzilla
CVE-2014-8504 avr-binutils: binutils: stack overflow in the SREC parser [fedora-all]2014-11-11
Bugzilla
CVE-2014-8504 binutils: stack overflow in the SREC parser2014-11-11
CVE-2014-8504 — GNU Binutils vulnerability | cvebase