Binutils - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Binutils
(Gnu)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	224

Date	Id	Summary	Products	Score	Patch	Annotated
2019-01-01	CVE-2018-20651	A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld.	Binutils	5.5
2019-01-04	CVE-2018-20671	load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.	Binutils	5.5
2019-06-26	CVE-2019-12972	An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.	Ubuntu_linux, Binutils, Leap	5.5
2019-07-23	CVE-2019-1010204	GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.	Binutils, Binutils_gold, Hci_management_node, Solidfire	5.5
2019-10-10	CVE-2019-17451	An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.	Ubuntu_linux, Binutils, Leap	6.5
2020-12-09	CVE-2020-16590	A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.	Binutils, Ontap_select_deploy_administration_utility	5.5
2020-12-09	CVE-2020-16591	A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif.	Binutils, Ontap_select_deploy_administration_utility	5.5
2020-12-09	CVE-2020-16592	A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.	Fedora, Binutils, Ontap_select_deploy_administration_utility	5.5
2020-12-09	CVE-2020-16593	A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.	Binutils, Cloud_backup, Ontap_select_deploy_administration_utility, Solidfire_\&_hci_management_node	5.5
2020-12-09	CVE-2020-16599	A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.	Binutils, Cloud_backup, Hci_management_node, Ontap_select_deploy_administration_utility, Solidfire	5.5