Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Binutils
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 225 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-02-11 | CVE-2025-1176 | A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to... | Binutils | 5.0 | ||
| 2023-04-03 | CVE-2023-1579 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | Binutils | 7.8 | ||
| 2023-05-17 | CVE-2023-1972 | A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | Binutils | 6.5 | ||
| 2006-05-15 | CVE-2006-2362 | Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character. | Binutils | N/A | ||
| 2020-12-09 | CVE-2020-16590 | A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. | Binutils, Ontap_select_deploy_administration_utility | 5.5 | ||
| 2020-12-09 | CVE-2020-16591 | A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. | Binutils, Ontap_select_deploy_administration_utility | 5.5 | ||
| 2020-12-09 | CVE-2020-16592 | A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | Fedora, Binutils, Ontap_select_deploy_administration_utility | 5.5 | ||
| 2020-12-09 | CVE-2020-16593 | A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. | Binutils, Cloud_backup, Ontap_select_deploy_administration_utility, Solidfire_\&_hci_management_node | 5.5 | ||
| 2020-12-09 | CVE-2020-16599 | A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. | Binutils, Cloud_backup, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire | 5.5 | ||
| 2020-12-27 | CVE-2020-35448 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. | Binutils, Ontap_select_deploy_administration_utility | 3.3 |