Vulnerabilities > GNU > Binutils > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-10-23 CVE-2018-18607 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18606 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu debian netapp CWE-476
5.5
5.5
2018-10-23 CVE-2018-18605 Out-of-bounds Read vulnerability in multiple products
A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize.
local
low complexity
gnu debian netapp CWE-125
5.5
5.5
2018-10-18 CVE-2018-18484 Uncontrolled Recursion vulnerability in GNU Binutils 2.31
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-674
5.5
5.5
2018-10-15 CVE-2018-18309 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-119
5.5
5.5
2018-10-04 CVE-2018-17985 Resource Exhaustion vulnerability in GNU Binutils 2.31
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-400
5.5
5.5
2018-09-30 CVE-2018-17794 NULL Pointer Dereference vulnerability in GNU Binutils 2.31
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.
network
low complexity
gnu CWE-476
6.5
6.5
2018-09-23 CVE-2018-17360 Out-of-bounds Read vulnerability in GNU Binutils 2.31.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-125
5.5
5.5
2018-09-23 CVE-2018-17359 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-119
5.5
5.5
2018-09-23 CVE-2018-17358 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.
local
low complexity
gnu CWE-119
5.5
5.5