Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Binutils
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 224 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-12-09 | CVE-2014-8502 | Heap-based buffer overflow in the pe_print_edata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a truncated export table in a PE file. | Ubuntu_linux, Fedora, Binutils | N/A | ||
| 2014-12-09 | CVE-2014-8503 | Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted ihex file. | Ubuntu_linux, Fedora, Binutils | N/A | ||
| 2014-12-09 | CVE-2014-8504 | Stack-based buffer overflow in the srec_scan function in bfd/srec.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact via a crafted file. | Ubuntu_linux, Fedora, Binutils | N/A | ||
| 2014-12-09 | CVE-2014-8737 | Multiple directory traversal vulnerabilities in GNU binutils 2.24 and earlier allow local users to delete arbitrary files via a .. (dot dot) or full path name in an archive to (1) strip or (2) objcopy or create arbitrary files via (3) a .. (dot dot) or full path name in an archive to ar. | Ubuntu_linux, Fedora, Binutils | N/A | ||
| 2015-01-15 | CVE-2014-8738 | The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service (invalid write, segmentation fault, and crash) via a crafted extended name table in an archive. | Ubuntu_linux, Debian_linux, Fedora, Binutils | N/A | ||
| 2017-03-21 | CVE-2014-9939 | ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in Intel Hex objects. | Binutils | 9.8 | ||
| 2017-05-18 | CVE-2017-9038 | GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to the byte_get_little_endian function in elfcomm.c, the get_unwind_section_word function in readelf.c, and ARM unwind information that contains invalid word offsets. | Binutils | 5.5 | ||
| 2017-05-18 | CVE-2017-9039 | GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c. | Binutils | 5.5 | ||
| 2017-05-18 | CVE-2017-9040 | GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt. | Binutils | 5.5 | ||
| 2017-05-18 | CVE-2017-9041 | GNU Binutils 2.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to MIPS GOT mishandling in the process_mips_specific function in readelf.c. | Binutils | 5.5 |