Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu binutils vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-7224
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.
Gnu Binutils 2.28
5
CVSSv2
CVE-2017-7225
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash.
Gnu Binutils 2.28
4.3
CVSSv2
CVE-2017-7299
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF rel...
Gnu Binutils 2.28
5
CVSSv2
CVE-2017-7301
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linke...
Gnu Binutils 2.28
5
CVSSv2
CVE-2017-7302
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability cau...
Gnu Binutils 2.28
5
CVSSv2
CVE-2018-12934
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows malicious users to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.
Gnu Binutils 2.30
4.3
CVSSv2
CVE-2017-9041
GNU Binutils 2.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.
Gnu Binutils 2.28
6.8
CVSSv2
CVE-2017-9042
readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in type long" issue, which might allow remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file.
Gnu Binutils 2.28
4.3
CVSSv2
CVE-2017-9044
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote malicious users to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
Gnu Binutils 2.28
4.3
CVSSv2
CVE-2018-17358
An issue exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application c...
Gnu Binutils 2.31.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »