Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-16 CVE-2019-6455 Double Free vulnerability in GNU Recutils 1.8
An issue was discovered in GNU Recutils 1.8.
network
low complexity
gnu CWE-415
6.5
2019-01-15 CVE-2018-20712 Out-of-bounds Read vulnerability in GNU Binutils 2.31.1
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1.
network
low complexity
gnu CWE-125
6.5
2019-01-04 CVE-2018-20673 Integer Overflow or Wraparound vulnerability in GNU Binutils 2.31.1
The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.
local
low complexity
gnu CWE-190
5.5
2019-01-04 CVE-2018-20671 Integer Overflow or Wraparound vulnerability in GNU Binutils
load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.
local
low complexity
gnu CWE-190
5.5
2019-01-01 CVE-2018-20651 NULL Pointer Dereference vulnerability in GNU Binutils 2.31.1
A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1.
local
low complexity
gnu CWE-476
5.5
2018-12-31 CVE-2018-20623 Use After Free vulnerability in GNU Binutils 2.31.1
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.
local
low complexity
gnu CWE-416
5.5
2018-12-26 CVE-2018-20482 Infinite Loop vulnerability in multiple products
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).
local
high complexity
gnu debian opensuse CWE-835
4.7
2018-12-24 CVE-2018-20431 NULL Pointer Dereference vulnerability in multiple products
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
network
low complexity
gnu debian CWE-476
6.5
2018-12-24 CVE-2018-20430 Out-of-bounds Read vulnerability in multiple products
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
network
low complexity
gnu debian CWE-125
6.5
2018-12-10 CVE-2018-20002 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.
local
low complexity
gnu netapp f5 CWE-772
5.5