Gnu Binutils vulnerabilities

CVE-2022-48064 [MEDIUM] CWE-770 CVE-2022-48064: GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

CVE-2022-48063 [MEDIUM] CWE-400 CVE-2022-48063: GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.

CVE-2025-69646 [MEDIUM] CWE-400 CVE-2025-69646: Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with ma Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted

CVE-2016-4492 [MEDIUM] CVE-2016-4492: Buffer overflow in the do_type function in cplus-dem Buffer overflow in the do_type function in cplus-dem.c in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary.

CVE-2018-10535 [MEDIUM] CWE-476 CVE-2018-10535: The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), a The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and applica

CVE-2018-6759 [MEDIUM] CWE-20 CVE-2018-6759: The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file.

CVE-2017-9039 [MEDIUM] CWE-770 CVE-2017-9039: GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a cr GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.

CVE-2018-8945 [MEDIUM] CWE-20 CVE-2018-8945: The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd) The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section.

CVE-2017-15021 [MEDIUM] CWE-125 CVE-2017-15021: bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as d bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32.

CVE-2018-7642 [MEDIUM] CWE-476 CVE-2018-7642: The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.

CVE-2017-15939 [MEDIUM] CVE-2017-15939: dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2. dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete

CVE-2017-9044 [MEDIUM] CWE-125 CVE-2017-9044: The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.

CVE-2016-4493 [MEDIUM] CVE-2016-4493: The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem The demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty allow remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted binary.

CVE-2017-14529 [MEDIUM] CWE-125 CVE-2017-14529: The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function.

CVE-2017-13757 [MEDIUM] CWE-125 CVE-2017-13757: The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the PLT section size, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to elf_i386_get_synthetic_symtab in elf32-i386.c and elf_x86_64_get_syntheti

CVE-2019-14444 [MEDIUM] CWE-190 CVE-2019-14444: apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attacke apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.

CVE-2018-17360 [MEDIUM] CWE-125 CVE-2018-17360: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump.

CVE-2018-9996 [MEDIUM] CWE-674 CVE-2018-9996: An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.

CVE-2018-17985 [MEDIUM] CWE-400 CVE-2018-17985: An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Ther An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplus_demangle_type function making recursive calls to itself in certain scenarios involving many 'P' characters.

CVE-2019-9076 [MEDIUM] CWE-770 CVE-2019-9076: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.