Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Binutils
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 224 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-04 | CVE-2020-35496 | There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. | Brocade_fabric_operating_system_firmware, Fedora, Binutils, Cloud_backup, Hci_compute_node_firmware, Ontap_select_deploy_administration_utility, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node | 5.5 | ||
| 2021-04-29 | CVE-2021-20294 | A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. | Binutils | 7.8 | ||
| 2021-12-15 | CVE-2021-45078 | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699. | Debian_linux, Fedora, Binutils, Ontap_select_deploy_administration_utility, Enterprise_linux | 7.8 | ||
| 2022-08-26 | CVE-2022-38533 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | Fedora, Binutils | 5.5 | ||
| 2023-01-27 | CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | Fedora, Binutils, Enterprise_linux | 5.5 | ||
| 2023-04-03 | CVE-2023-1579 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | Binutils | 7.8 | ||
| 2023-08-22 | CVE-2020-19724 | A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command. | Binutils | 5.5 | ||
| 2023-08-22 | CVE-2020-21490 | An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled. | Binutils | 5.5 | ||
| 2023-08-22 | CVE-2022-48063 | GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | Binutils | 5.5 | ||
| 2023-08-22 | CVE-2022-48064 | GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack. | Fedora, Binutils, Ontap_select_deploy_administration_utility | 5.5 |