Vulnerabilities > GNU > Binutils > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-26 | CVE-2018-6323 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. | 7.8 |
| 2017-12-04 | CVE-2017-17126 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29.1 The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers. | 7.8 |
| 2017-12-04 | CVE-2017-17125 | Out-of-bounds Read vulnerability in GNU Binutils 2.29.1 nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |
| 2017-12-04 | CVE-2017-17124 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29.1 The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary. | 7.8 |
| 2017-12-04 | CVE-2017-17122 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file. | 7.8 |
| 2017-12-04 | CVE-2017-17121 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.29.1 The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service (memory access violation) or possibly have unspecified other impact via a COFF binary in which a relocation refers to a location after the end of the to-be-relocated section. | 7.8 |
| 2017-11-15 | CVE-2017-16832 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file. | 7.8 |
| 2017-11-15 | CVE-2017-16831 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service (integer overflow and application crash, or excessive memory allocation) or possibly have unspecified other impact via a crafted PE file. | 7.8 |
| 2017-11-15 | CVE-2017-16830 | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.29.1 The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |
| 2017-11-15 | CVE-2017-16829 | Out-of-bounds Read vulnerability in GNU Binutils 2.29.1 The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted ELF file. | 7.8 |