Vulnerabilities > GNU > Binutils > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-22 | CVE-2017-7225 | NULL Pointer Dereference vulnerability in GNU Binutils 2.28 The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. | 5.0 |
| 2017-03-22 | CVE-2017-7224 | Out-of-bounds Write vulnerability in GNU Binutils 2.28 The find_nearest_line function in objdump in GNU Binutils 2.28 is vulnerable to an invalid write (of size 1) while disassembling a corrupt binary that contains an empty function name, leading to a program crash. | 4.3 |
| 2017-03-22 | CVE-2017-7223 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28 GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. | 5.0 |
| 2017-03-21 | CVE-2017-7210 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28 objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash. | 4.3 |
| 2017-03-21 | CVE-2017-7209 | NULL Pointer Dereference vulnerability in GNU Binutils 2.28 The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. | 4.3 |
| 2017-03-17 | CVE-2017-6969 | Out-of-bounds Read vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. | 6.4 |
| 2017-03-17 | CVE-2017-6966 | Use After Free vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. | 4.3 |
| 2017-03-17 | CVE-2017-6965 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. | 4.3 |
| 2012-09-05 | CVE-2012-3509 | Numeric Errors vulnerability in multiple products Multiple integer overflows in the (1) _objalloc_alloc function in objalloc.c and (2) objalloc_alloc macro in include/objalloc.h in GNU libiberty, as used by binutils 2.22, allow remote attackers to cause a denial of service (crash) via vectors related to the "addition of CHUNK_HEADER_SIZE to the length," which triggers a heap-based buffer overflow. | 5.0 |