Debian Binutils vulnerabilities
285 known vulnerabilities affecting debian/binutils.
Total CVEs: 285
CISA KEV: 0
Public exploits: 12
Exploited in wild: 0
Severity breakdown: CRITICAL 3, HIGH 40, MEDIUM 23, LOW 219
Vulnerabilities
CVE-2017-9044 | LOW | CVSS 5.5 | fixed in binutils 2.29-1 (bookworm) | 2017
CVE-2017-9044 [MEDIUM]: binutils
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
Scope: local
bookworm: resolved (fixed in 2.29-1)
bullseye: resolved (fixed in 2.29-1)
forky: resolved (fixed in 2.29-1)
sid: resolved (fixed in 2.29-1)
trixie: resolved (fixed in

CVE-2016-2226 | LOW | CVSS 7.8 | PoC | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-2226 [HIGH]: binutils
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow.
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)
sid: resolved (fixed in 2.

CVE-2016-6131 | LOW | CVSS 7.5 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-6131 [HIGH]: binutils
The demangler in GNU Libiberty allows remote attackers to cause a denial of service (infinite loop, stack overflow, and crash) via a cycle in the references of remembered mangled types.
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)
sid: resolved (fixed in 2.

CVE-2016-4493 | LOW | CVSS 5.5 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-4493 [MEDIUM]: binutils
The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)
sid:

CVE-2016-4490 | LOW | CVSS 5.5 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-4490 [MEDIUM]: binutils
Integer overflow in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to inconsistent use of the long and int types for lengths.
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20

CVE-2016-4492 | LOW | CVSS 4.4 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-4492 [MEDIUM]: binutils
Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)
sid: resolved (fixed in 2.27.51.2016

CVE-2016-4489 | LOW | CVSS 5.5 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-4489 [MEDIUM]: binutils
Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)

CVE-2016-4487 | LOW | CVSS 5.5 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-4487 [MEDIUM]: binutils
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)
sid: resolved (fixed in 2.27.51.2016110

CVE-2016-4491 | LOW | CVSS 5.5 | fixed in binutils 2.28-3 (bookworm) | 2016
CVE-2016-4491 [MEDIUM]: binutils
The d_print_comp function in cp-demangle.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, which triggers infinite recursion and a buffer overflow, related to a node having "itself as ancestor more than once."
Scope: local
bookworm: resolved (fixed in 2.28-3)
bullseye: resolved (fixed in 2.28-3)

CVE-2016-4488 | LOW | CVSS 5.5 | fixed in binutils 2.27.51.20161102-1 (bookworm) | 2016
CVE-2016-4488 [MEDIUM]: binutils
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "ktypevec."
Scope: local
bookworm: resolved (fixed in 2.27.51.20161102-1)
bullseye: resolved (fixed in 2.27.51.20161102-1)
forky: resolved (fixed in 2.27.51.20161102-1)
sid: resolved (fixed in 2.27.51.2016110

CVE-2014-9939 | CRITICAL | CVSS 9.8 | fixed in binutils 2.25.90.20151125-1 (bookworm) | 2014
CVE-2014-9939 [CRITICAL]: binutils
ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects.
Scope: local
bookworm: resolved (fixed in 2.25.90.20151125-1)
bullseye: resolved (fixed in 2.25.90.20151125-1)
forky: resolved (fixed in 2.25.90.20151125-1)
sid: resolved (fixed in 2.25.90.20151125-1)
trixie: resolved (fixed in 2.25.90.20151125-1)

CVE-2014-8504 | HIGH | CVSS 7.5 | fixed in binutils 2.24.90.20141104-1 (bookworm) | 2014
CVE-2014-8504 [HIGH]: binutils
Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141104-1)
bullseye: resolved (fixed in 2.24.90.20141104-1)
forky: resolved (fixed in 2.24.90

CVE-2014-8485 | HIGH | CVSS 7.5 | fixed in binutils 2.24.90.20141104-1 (bookworm) | 2014
CVE-2014-8485 [HIGH]: binutils
The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted section group headers in an ELF file.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141104-1)
bullseye: resolved (fixed in 2.24.90.20141104-1)
forky: resolved (fixed in 2.24

CVE-2014-8501 | HIGH | CVSS 7.5 | fixed in binutils 2.24.90.20141104-1 (bookworm) | 2014
CVE-2014-8501 [HIGH]: binutils
The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141104-1)
bullseye: resolved (f

CVE-2014-8502 | HIGH | CVSS 7.5 | fixed in binutils 2.24.90.20141104-1 (bookworm) | 2014
CVE-2014-8502 [HIGH]: binutils
Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141104-1)
bullseye: resolved (fixed in 2.24.90.20141104-1)
fo

CVE-2014-8503 | HIGH | CVSS 7.5 | fixed in binutils 2.24.90.20141104-1 (bookworm) | 2014
CVE-2014-8503 [HIGH]: binutils
Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141104-1)
bullseye: resolved (fixed in 2.24.90.20141104-1)
forky: resolved (fixed in 2.

CVE-2014-8484 | MEDIUM | CVSS 5.0 | fixed in binutils 2.24.51.20140903-1 (bookworm) | 2014
CVE-2014-8484 [MEDIUM]: binutils
The srec_scan function in bfd/srec.c in libbfd in GNU binutils before 2.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a small S-record.
Scope: local
bookworm: resolved (fixed in 2.24.51.20140903-1)
bullseye: resolved (fixed in 2.24.51.20140903-1)
forky: resolved (fixed in 2.24.51.20140903-1)
sid: resolved (fixed in 2.24.51.201409

CVE-2014-8738 | MEDIUM | CVSS 5.0 | fixed in binutils 2.24.90.20141124-1 (bookworm) | 2014
CVE-2014-8738 [MEDIUM]: binutils
The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141124-1)
bullseye: resolved (fixed in 2.24.90.20141124-1)
forky: resolv

CVE-2014-8737 | LOW | CVSS 3.6 | fixed in binutils 2.24.90.20141124-1 (bookworm) | 2014
CVE-2014-8737 [LOW]: binutils
Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar.
Scope: local
bookworm: resolved (fixed in 2.24.90.20141124-1)
bullseye: resolved

CVE-2012-3509 | LOW | CVSS 5.0 | fixed in binutils 2.22-8 (bookworm) | 2012
CVE-2012-3509 [MEDIUM]: binutils
Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow.
Scope: local
boo