Download
| Alert*
oval:org.secpod.oval:def:1900405
objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads while handling corrupt STABS enum typestrings in a crafted object file, leading to program crash. oval:org.secpod.oval:def:1900375 elflink.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, has a "member access within null pointer"undefined behavior issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via an "int main {return 0;}" program. oval:org.secpod.oval:def:1900372 The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while read ing section contents in a corrupt binary, leading to a program crash. oval:org.secpod.oval:def:1900831 bfd/vms-alpha.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file in the _bfd_vms_get_value and _bfd_vms_ ... oval:org.secpod.oval:def:1900753 The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. oval:org.secpod.oval:def:1900797 readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. oval:org.secpod.oval:def:1900711 GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service , related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt. oval:org.secpod.oval:def:1900982 opcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE macro, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. oval:org.secpod.oval:def:1900900 opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. oval:org.secpod.oval:def:1901003 The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows remote attackers to cause a denial of service via a crafted ELF file. oval:org.secpod.oval:def:1900873 The ieee_object_p function in bfd/ieee.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "o ... oval:org.secpod.oval:def:1900955 The get_build_id function in opncls.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within ... oval:org.secpod.oval:def:1900957 The Binary File Descriptor library , as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker program crash ... oval:org.secpod.oval:def:1900995 The versados_mkobject function in bfd/versados.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, does not initialize a certain data structure, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file ... oval:org.secpod.oval:def:1900907 GNU Binutils 2.28 allows remote attackers to cause a denial of service via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets. oval:org.secpod.oval:def:1900906 The Binary File Descriptor library , as distributed in GNU Binutils 2.28, has an invalid read because the code to emit relocs does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker program crash. oval:org.secpod.oval:def:1900960 The disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of rae insns printing for this file during "objdump -D" execution. oval:org.secpod.oval:def:1901019 The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. oval:org.secpod.oval:def:1900899 GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow while attempting to unget an EOF character from the input stream, potentially leading to a program crash. oval:org.secpod.oval:def:1900927 GNU Binutils 2.28 allows remote attackers to cause a denial of service via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c. oval:org.secpod.oval:def:1901235 The Binary File Descriptor library , as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that has an off-by-one vulnerability because it does not carefully check the string offset. The vulnerability could lead to a GNU linker program crash. oval:org.secpod.oval:def:1901080 The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. oval:org.secpod.oval:def:1901148 opcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of registers for bnd mode, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. oval:org.secpod.oval:def:1901226 The process_otr function in bfd/versados.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrate ... oval:org.secpod.oval:def:1901398 The pe_ILF_object_p function in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and ... oval:org.secpod.oval:def:1901431 readelf in GNU Binutils 2.28 has a use-after-free error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. oval:org.secpod.oval:def:1901442 The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during " ... oval:org.secpod.oval:def:1901529 The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. oval:org.secpod.oval:def:1901448 The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write while disassembling a corrupt binary that contains an empty function name, leading to a program crash. oval:org.secpod.oval:def:1901480 GNU linker in GNU Binutils 2.28 is vulnerable to a heap-based buffer overflow while processing a bogus input script, leading to a program crash. This relates to lack of "\0" termination of a name field in ldlex.l. oval:org.secpod.oval:def:1901410 GNU Binutils 2.28 allows remote attackers to cause a denial of service via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c. oval:org.secpod.oval:def:1901532 readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well. oval:org.secpod.oval:def:1901542 The sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this fi ... oval:org.secpod.oval:def:1901389 readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long" issue, which might allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted ELF file. oval:org.secpod.oval:def:1901543 The Binary File Descriptor library , as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. oval:org.secpod.oval:def:1901429 The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file dur ... |