Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu binutils 2.28 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2017-9044
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote malicious users to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9040
GNU Binutils 2017-04-03 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-8421
The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_i...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-7299
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF rel...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-7224
The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-7210
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-7209
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-6966
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-6965
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5