Vulnerabilities > GNU > Binutils > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2022-47011 | Memory Leak vulnerability in GNU Binutils An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | 5.5 |
| 2023-08-22 | CVE-2022-48063 | Resource Exhaustion vulnerability in GNU Binutils GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. | 5.5 |
| 2023-08-22 | CVE-2022-48064 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. | 5.5 |
| 2023-08-22 | CVE-2022-48065 | Memory Leak vulnerability in multiple products GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. | 5.5 |
| 2023-07-18 | CVE-2021-32256 | Out-of-bounds Write vulnerability in GNU Binutils 2.36 An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. | 6.5 |
| 2023-05-17 | CVE-2023-1972 | Out-of-bounds Write vulnerability in GNU Binutils A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. | 6.5 |
| 2023-01-27 | CVE-2022-4285 | NULL Pointer Dereference vulnerability in multiple products An illegal memory access flaw was found in the binutils package. | 5.5 |
| 2022-08-26 | CVE-2022-38533 | Out-of-bounds Write vulnerability in multiple products In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | 5.5 |
| 2021-11-18 | CVE-2021-37322 | Use After Free vulnerability in GNU Binutils GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c. | 6.8 |
| 2021-03-26 | CVE-2021-20284 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. | 5.5 |