Vulnerabilities > GNU > Binutils > 2.10.1

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2022-48063 Resource Exhaustion vulnerability in GNU Binutils
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c.
local
low complexity
gnu CWE-400
5.5
5.5
2023-08-22 CVE-2022-48064 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c.
local
low complexity
gnu fedoraproject netapp CWE-770
5.5
5.5
2023-08-22 CVE-2022-48065 Memory Leak vulnerability in multiple products
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.
local
low complexity
gnu netapp fedoraproject CWE-401
5.5
5.5
2022-08-26 CVE-2022-38533 Out-of-bounds Write vulnerability in multiple products
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
local
low complexity
gnu fedoraproject CWE-787
5.5
5.5
2021-12-15 CVE-2021-45078 Out-of-bounds Write vulnerability in multiple products
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write.
local
low complexity
gnu fedoraproject redhat debian netapp CWE-787
7.8
7.8
2021-11-18 CVE-2021-37322 Use After Free vulnerability in GNU Binutils
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
local
low complexity
gnu CWE-416
7.8
7.8
2021-03-26 CVE-2021-20197 There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib.
local
high complexity
gnu redhat netapp broadcom
6.3
6.3
2021-01-04 CVE-2020-35507 There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu redhat netapp broadcom
5.5
5.5
2021-01-04 CVE-2020-35496 There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
5.5
2021-01-04 CVE-2020-35495 There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
5.5