It was discovered that GNU binutils incorrectly performed bounds checking
operations when parsing stabs debugging information. An attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2021-45078)
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. (CVE-2020-35448)
A flaw was found in binutils' readelf program. An ...
A security issue was found in the BFD library of binutils before version 2.36. read_section() in dwarf2.c of BFD could cause excessive memory consumption when handling corrupt DWARF debug sections. This could lead to an impact to system availability, denial of service, and/or a crash in applications linked with the BFD library's DWARF functionalit ...