Vulnerabilities > GNU > Binutils > High

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-45078 Out-of-bounds Write vulnerability in multiple products
stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write.
local
low complexity
gnu fedoraproject redhat debian netapp CWE-787
7.8
7.8
2021-11-18 CVE-2021-37322 Use After Free vulnerability in GNU Binutils
GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.
local
low complexity
gnu CWE-416
7.8
7.8
2021-06-02 CVE-2021-3530 Uncontrolled Recursion vulnerability in multiple products
A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36.
network
low complexity
gnu netapp CWE-674
7.5
7.5
2021-05-26 CVE-2021-3549 Out-of-bounds Write vulnerability in GNU Binutils 2.36
An out of bounds flaw was found in GNU binutils objdump utility version 2.36.
local
low complexity
gnu CWE-787
7.1
7.1
2021-04-29 CVE-2021-20294 Out-of-bounds Write vulnerability in GNU Binutils 2.35/2.35.1
A flaw was found in binutils readelf 2.35 program.
local
low complexity
gnu CWE-787
7.8
7.8
2019-02-24 CVE-2019-9077 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in GNU Binutils 2.32.
local
low complexity
gnu netapp canonical f5 CWE-787
7.8
7.8
2019-02-24 CVE-2019-9075 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32.
local
low complexity
gnu netapp canonical f5 CWE-787
7.8
7.8
2019-02-24 CVE-2019-9070 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32.
local
low complexity
gnu netapp canonical f5 CWE-125
7.8
7.8
2019-01-02 CVE-2018-20657 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.
network
low complexity
gnu f5 CWE-772
7.5
7.5
2018-12-20 CVE-2018-1000876 Integer Overflow or Wraparound vulnerability in multiple products
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow.
local
low complexity
gnu canonical redhat CWE-190
7.8
7.8