Gnu Binutils vulnerabilities

CVE-2016-4487 [MEDIUM] CVE-2016-4487: Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, re Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec."

CVE-2019-9074 [MEDIUM] CWE-125 CVE-2019-9074: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.

CVE-2021-20284 [MEDIUM] CWE-119 CVE-2021-20284: A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slu A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability.

CVE-2020-35507 [MEDIUM] CWE-476 CVE-2020-35507: There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 wh There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.

CVE-2020-35495 [MEDIUM] CWE-476 CVE-2020-35495: There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.

CVE-2018-13033 [MEDIUM] CWE-770 CVE-2018-13033: The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows r The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.

CVE-2018-10372 [MEDIUM] CWE-125 CVE-2018-10372: process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of ser process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf.

CVE-2018-6872 [MEDIUM] CWE-125 CVE-2018-6872: The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as d The elf_parse_notes function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (out-of-bounds read and segmentation violation) via a note with a large alignment.

CVE-2017-9038 [MEDIUM] CWE-125 CVE-2017-9038: GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets.

CVE-2017-9040 [MEDIUM] CWE-476 CVE-2017-9040: GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereferen GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.

CVE-2017-15022 [MEDIUM] CWE-476 CVE-2017-15022: dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2. dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbol

CVE-2017-9041 [MEDIUM] CWE-125 CVE-2017-9041: GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.

CVE-2018-18309 [MEDIUM] CWE-119 CVE-2018-18309: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd

CVE-2018-20623 [MEDIUM] CWE-416 CVE-2018-20623: In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called fro In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

CVE-2016-4489 [MEDIUM] CVE-2016-4489: Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a cr Integer overflow in the gnu_special function in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to the "demangling of virtual tables."

CVE-2018-18701 [MEDIUM] CWE-835 CVE-2018-18701: An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Ther An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file,

CVE-2018-18700 [MEDIUM] CWE-835 CVE-2018-18700: An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Ther An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as

CVE-2017-9954 [MEDIUM] CWE-125 CVE-2017-9954: The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distr The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstrated by mishandling within the nm program.

CVE-2017-6965 [MEDIUM] CWE-119 CVE-2017-6965: readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files contai readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.

CVE-2020-35493 [MEDIUM] CWE-20 CVE-2020-35493: A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be p A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.