Vulnerabilities > GNU > Binutils > 2.29.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-04 | CVE-2017-17123 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29.1 The coff_slurp_reloc_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted COFF based file. | 5.5 |
| 2017-12-04 | CVE-2017-17122 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. | 7.8 |
| 2017-12-04 | CVE-2017-17121 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29.1 The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. | 7.8 |
| 2017-11-30 | CVE-2017-17080 | Out-of-bounds Read vulnerability in GNU Binutils 2.29.1 elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status. | 4.3 |
| 2017-11-15 | CVE-2017-16832 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. | 7.8 |
| 2017-11-15 | CVE-2017-16831 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. | 7.8 |
| 2017-11-15 | CVE-2017-16830 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |
| 2017-11-15 | CVE-2017-16829 | Out-of-bounds Read vulnerability in GNU Binutils 2.29.1 The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |
| 2017-11-15 | CVE-2017-16828 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or possibly have unspecified other impact via a crafted ELF file, related to print_debug_frame. | 7.8 |
| 2017-11-15 | CVE-2017-16827 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29.1 The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (slurp_symtab invalid free and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |