Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu binutils 2.28 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7301
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linke...
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7304
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vuln...
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7227
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7223
GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7225
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9955
The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certai...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9954
The getvalue function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote malicious users to cause a denial of service (stack-based buffer over-read and application crash) via a crafted tekhex file, as demonstra...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9038
GNU Binutils 2.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind ...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9040
GNU Binutils 2017-04-03 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9039
GNU Binutils 2.28 allows remote malicious users to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »