
Debian Binutils vulnerabilities

285 known vulnerabilities affecting debian/binutils.

Total CVEs: 285
CISA KEV: 0
Public exploits: 12
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 40, MEDIUM 23, LOW 219

Vulnerabilities

Page 11 of 15
CVE-2017-9743 | LOW | CVSS 7.8 | fixed in binutils 2.29-1 (bookworm) | 2017
CVE-2017-9743 [HIGH] binutils - The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. Scope: local bookworm: resolved (fixed in 2.29-1) b
debian
CVE-2017-14129 | LOW | CVSS 5.5 | fixed in binutils 2.29-10 (bookworm) | 2017
CVE-2017-14129 [MEDIUM] binutils - The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.29-10) bullseye: resolved (fixed in 2.29-10
debian
CVE-2017-9749 | LOW | CVSS 7.8 | PoC | fixed in binutils 2.29-1 (bookworm) | 2017
CVE-2017-9749 [HIGH] binutils - The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. Scope: local bookworm: resolved (fixed in 2.29-1) bullseye: resolved (fi
debian
CVE-2017-16829 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-16829 [HIGH] binutils - The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. Sco
debian
CVE-2017-15020 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-15020 [HIGH] binutils - dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-
debian
CVE-2017-15996 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-15996 [HIGH] binutils - elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_
debian
CVE-2017-9755 | LOW | CVSS 7.8 | fixed in binutils 2.29-1 (bookworm) | 2017
CVE-2017-9755 [HIGH] binutils - opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. Scope: local bookworm: resolve
debian
CVE-2017-14933 | LOW | CVSS 5.5 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-14933 [MEDIUM] binutils - read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-1) bullseye: resolved (fixed in 2.29.90.20180122-1) forky: resolved (fixed in 2.29.
debian
CVE-2017-17124 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-17124 [HIGH] binutils - The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or poss
debian
CVE-2017-17121 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-17121 [HIGH] binutils - The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. Scope: local bookworm: resolved (fixed in 2.2
debian
CVE-2017-16830 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-16830 [HIGH] binutils - The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-
debian
CVE-2017-15024 | LOW | CVSS 5.5 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-15024 [MEDIUM] binutils - find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-1) bullseye: resolved (fixed in 2.29.90.20180122-1)
debian
CVE-2017-14930 | LOW | CVSS 5.5 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-14930 [MEDIUM] binutils - Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-1) bullseye: resolved (fixed in 2.29.90.20180122-1) forky: resolved (
debian
CVE-2017-15021 | LOW | CVSS 5.5 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-15021 [MEDIUM] binutils - bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-1) bullseye: resolved
debian
CVE-2017-9041 | LOW | CVSS 5.5 | fixed in binutils 2.28-6 (bookworm) | 2017
CVE-2017-9041 [MEDIUM] binutils - GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c. Scope: local bookworm: resolved (fixed in 2.28-6) bullseye: resolved (fixed in 2.28-6) forky: resolved (fixed in 2.28-6) sid: resolved (
debian
CVE-2017-14939 | LOW | CVSS 5.5 | PoC | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-14939 [MEDIUM] binutils - decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte. Scope: local bookworm: resolved (fixed in 2.29.90
debian
CVE-2017-17125 | LOW | CVSS 7.8 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-17125 [HIGH] binutils - nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-1) bullseye: resolved (fixed in
debian
CVE-2017-9753 | LOW | CVSS 7.8 | fixed in binutils 2.29-1 (bookworm) | 2017
CVE-2017-9753 [HIGH] binutils - The versados_mkobject function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstr
debian
CVE-2017-17123 | LOW | CVSS 5.5 | fixed in binutils 2.29.90.20180122-1 (bookworm) | 2017
CVE-2017-17123 [MEDIUM] binutils - The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. Scope: local bookworm: resolved (fixed in 2.29.90.20180122-1) bullseye: resolved (fix
debian
CVE-2017-7209 | LOW | CVSS 5.5 | fixed in binutils 2.28-3 (bookworm) | 2017
CVE-2017-7209 [MEDIUM] binutils - The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. Scope: local bookworm: resolved (fixed in 2.28-3) bullseye: resolved (fixed in 2.28-3) forky: resolved (fixed in 2.28-3) sid: resolved (fixed in 2.28-3) trixie: resolved (fixed in 2.28-3)
debian