Vulnerabilities > GNU > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-29 CVE-2018-10534 Out-of-bounds Write vulnerability in multiple products
The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c.
local
low complexity
gnu redhat CWE-787
5.5
2018-04-25 CVE-2018-10373 NULL Pointer Dereference vulnerability in multiple products
concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.
network
low complexity
gnu redhat CWE-476
6.5
2018-04-25 CVE-2018-10372 Out-of-bounds Read vulnerability in multiple products
process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf.
local
low complexity
gnu redhat CWE-125
5.5
2018-04-10 CVE-2018-9996 Uncontrolled Recursion vulnerability in GNU Binutils 2.30
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.
local
low complexity
gnu CWE-674
5.5
2018-03-30 CVE-2018-9138 Uncontrolled Recursion vulnerability in GNU Binutils 2.29/2.30
An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30.
local
low complexity
gnu CWE-674
5.5
2018-03-22 CVE-2018-8945 Improper Input Validation vulnerability in multiple products
The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section.
local
low complexity
gnu redhat CWE-20
5.5
2018-03-02 CVE-2018-7642 NULL Pointer Dereference vulnerability in multiple products
The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.
local
low complexity
gnu redhat CWE-476
5.5
2018-02-28 CVE-2018-7570 NULL Pointer Dereference vulnerability in GNU Binutils 2.30
The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy.
local
low complexity
gnu CWE-476
5.5
2018-02-28 CVE-2018-7569 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.
local
low complexity
gnu redhat CWE-191
5.5
2018-02-28 CVE-2018-7568 Integer Overflow or Wraparound vulnerability in multiple products
The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm.
local
low complexity
gnu redhat CWE-190
5.5