Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
gnu binutils 2.28 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-7304
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vuln...
Gnu Binutils 2.28
9.8
CVSSv3
CVE-2017-7614
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote malicious users to cause a denial of service (application crash) or poss...
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-7210
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash.
Gnu Binutils 2.28
9.1
CVSSv3
CVE-2017-7226
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several ut...
Gnu Binutils 2.28
7.5
CVSSv3
CVE-2017-7227
GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of '\0' termination of a name field in ldlex.l.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-6965
readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-6966
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.
Gnu Binutils 2.28
9.1
CVSSv3
CVE-2017-6969
readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.
Gnu Binutils 2.28
5.5
CVSSv3
CVE-2017-9041
GNU Binutils 2.28 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c.
Gnu Binutils 2.28
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2023-38506
CVE-2024-37198
CVE-2023-45197
CVE-2024-38621
CVE-2024-30103
elevation of privilege
CVE-2024-0044
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5