Gnu Binutils vulnerabilities

CVE-2017-15024 [MEDIUM] CWE-835 CVE-2017-15024: find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.

CVE-2017-14974 [MEDIUM] CWE-476 CVE-2017-14974: The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as di The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and e

CVE-2017-14932 [MEDIUM] CWE-835 CVE-2017-14932: decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distribute decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.

CVE-2017-14934 [MEDIUM] CWE-131 CVE-2017-14934: process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distribut process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure.

CVE-2017-14938 [MEDIUM] CWE-770 CVE-2017-14938: _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file.

CVE-2017-14930 [MEDIUM] CWE-772 CVE-2017-14930: Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) Memory leak in decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file.

CVE-2017-14940 [MEDIUM] CWE-476 CVE-2017-14940: scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distr scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file.

CVE-2017-14939 [MEDIUM] CWE-125 CVE-2017-14939: decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distribute decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte.

CVE-2017-14933 [MEDIUM] CWE-835 CVE-2017-14933: read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as dist read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file.

CVE-2017-14745 [HIGH] CWE-190 CVE-2017-14745: The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as di The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, interpret a -1 value as a sorting count instead of an error flag, which allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted

CVE-2017-14729 [HIGH] CWE-119 CVE-2017-14729: The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as di The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a unique PLT entry for a symbol, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file

CVE-2017-14529 [MEDIUM] CWE-125 CVE-2017-14529: The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function.

CVE-2017-14333 [HIGH] CWE-190 CVE-2017-14333: The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during "readelf -a" execution.

CVE-2017-14130 [MEDIUM] CWE-125 CVE-2017-14130: The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (a The _bfd_elf_parse_attributes function in elf-attrs.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (_bfd_elf_attr_strdup heap-based buffer over-read and application crash) via a crafted ELF file.

CVE-2017-14129 [MEDIUM] CWE-125 CVE-2017-14129: The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as d The read_section function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (parse_comp_unit heap-based buffer over-read and application crash) via a crafted ELF file.

CVE-2017-14128 [MEDIUM] CWE-125 CVE-2017-14128: The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), The decode_line_info function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (read_1_byte heap-based buffer over-read and application crash) via a crafted ELF file.

CVE-2017-13757 [MEDIUM] CWE-125 CVE-2017-13757: The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_syntheti

CVE-2017-13716 [MEDIUM] CWE-770 CVE-2017-13716: The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, a The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

CVE-2017-13710 [HIGH] CWE-476 CVE-2017-13710: The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distr The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small.

CVE-2017-12967 [MEDIUM] CWE-125 CVE-2017-12967: The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distrib The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.