Vulnerabilities > GNU
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-15022 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit. | 5.5 |
| 2017-10-05 | CVE-2017-15021 | Out-of-bounds Read vulnerability in GNU Binutils 2.29 bfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to bfd_getl32. | 5.5 |
| 2017-10-05 | CVE-2017-15020 | Out-of-bounds Read vulnerability in GNU Binutils 2.29 dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read. | 7.8 |
| 2017-10-02 | CVE-2017-14974 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c. | 5.5 |
| 2017-09-30 | CVE-2017-14940 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file. | 5.5 |
| 2017-09-30 | CVE-2017-14939 | Out-of-bounds Read vulnerability in GNU Binutils 2.29 decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte. | 5.5 |
| 2017-09-30 | CVE-2017-14938 | Allocation of Resources Without Limits or Throttling vulnerability in GNU Binutils 2.29 _bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. | 5.5 |
| 2017-09-30 | CVE-2017-14934 | Infinite Loop vulnerability in GNU Binutils 2.29 process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file that contains a negative size value in a CU structure. | 5.5 |
| 2017-09-30 | CVE-2017-14933 | Infinite Loop vulnerability in GNU Binutils 2.29 read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. | 5.5 |
| 2017-09-30 | CVE-2017-14932 | Infinite Loop vulnerability in GNU Binutils 2.29 decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a crafted ELF file. | 5.5 |