Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-6759 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file. | |||||
CVE-2018-6485 | 4 Gnu, Netapp, Oracle and 1 more | 15 Glibc, Cloud Backup, Data Ontap Edge and 12 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. | |||||
CVE-2018-6952 | 1 Gnu | 1 Patch | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. | |||||
CVE-2018-12698 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. | |||||
CVE-2017-18269 | 2 Gnu, Linux | 2 Glibc, Linux Kernel | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution. | |||||
CVE-2018-7569 | 2 Gnu, Redhat | 4 Binutils, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm. | |||||
CVE-2016-10713 | 1 Gnu | 1 Patch | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. | |||||
CVE-2017-9750 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
opcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for certain scale arrays, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
CVE-2017-12455 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The evax_bfd_print_emh function in vms-alpha.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause an out of bounds heap read via a crafted vms alpha file. | |||||
CVE-2017-9778 | 1 Gnu | 1 Gdb | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB. | |||||
CVE-2017-14938 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file. | |||||
CVE-2017-9747 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, might allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. NOTE: this may be related to a compiler bug. | |||||
CVE-2017-15938 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash). | |||||
CVE-2014-9984 | 1 Gnu | 1 Glibc | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. | |||||
CVE-2017-13730 | 1 Gnu | 1 Ncurses | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
There is an illegal address access in the function _nc_read_entry_source() in progs/tic.c in ncurses 6.0 that might lead to a remote denial of service attack. | |||||
CVE-2017-12959 | 1 Gnu | 1 Pspp | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | |||||
CVE-2017-9749 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution. | |||||
CVE-2011-5320 | 1 Gnu | 1 Glibc | 2024-02-28 | 2.1 LOW | 6.2 MEDIUM |
scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s. | |||||
CVE-2017-15024 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. | |||||
CVE-2017-12457 | 1 Gnu | 1 Binutils | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
The bfd_make_section_with_flags function in section.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29 and earlier, allows remote attackers to cause a NULL dereference via a crafted file. |