Vulnerabilities > GNU > Binutils
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-23 | CVE-2018-17360 | Out-of-bounds Read vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-09-23 | CVE-2018-17359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-09-23 | CVE-2018-17358 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 5.5 |
| 2018-07-01 | CVE-2018-13033 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. | 5.5 |
| 2018-06-28 | CVE-2018-12934 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.30 remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). | 7.5 |
| 2018-06-23 | CVE-2018-12699 | Out-of-bounds Write vulnerability in multiple products finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. | 9.8 |
| 2018-06-23 | CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. | 7.5 |
| 2018-06-23 | CVE-2018-12697 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. | 7.5 |
| 2018-06-22 | CVE-2018-12641 | Resource Exhaustion vulnerability in GNU Binutils 2.30 An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. | 5.5 |
| 2018-04-29 | CVE-2018-10535 | NULL Pointer Dereference vulnerability in multiple products The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy. | 5.5 |