Filtered by vendor Gnu
Subscribe
Total
1065 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-7225 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The find_nearest_line function in addr2line in GNU Binutils 2.28 does not handle the case where the main file name and the directory name are both empty, triggering a NULL pointer dereference and an invalid write, and leading to a program crash. | |||||
CVE-2017-5932 | 1 Gnu | 1 Bash | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. | |||||
CVE-2017-7299 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. | |||||
CVE-2017-5337 | 2 Gnu, Opensuse | 2 Gnutls, Leap | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate. | |||||
CVE-2015-8972 | 1 Gnu | 1 Chess | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode. | |||||
CVE-2017-7303 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash. | |||||
CVE-2017-9039 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c. | |||||
CVE-2017-7209 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. | |||||
CVE-2017-8396 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | |||||
CVE-2015-8984 | 1 Gnu | 1 Glibc | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which triggers an out-of-bounds read. | |||||
CVE-2017-8392 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the _bfd_dwarf2_find_nearest_line function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | |||||
CVE-2016-9401 | 3 Debian, Gnu, Redhat | 8 Debian Linux, Bash, Enterprise Linux Desktop and 5 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
popd in bash might allow local users to bypass the restricted shell and cause a use-after-free via a crafted address. | |||||
CVE-2017-7302 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash. | |||||
CVE-2016-4487 | 1 Gnu | 1 Libiberty | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
Use-after-free vulnerability in libiberty allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted binary, related to "btypevec." | |||||
CVE-2017-8397 | 1 Gnu | 1 Binutils | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 and an invalid write of size 1 during processing of a corrupt binary containing reloc(s) with negative addresses. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash. | |||||
CVE-2016-2226 | 1 Gnu | 1 Libiberty | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Integer overflow in the string_appends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow. | |||||
CVE-2015-8107 | 1 Gnu | 1 A2ps | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. | |||||
CVE-2017-6966 | 1 Gnu | 1 Binutils | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. | |||||
CVE-2016-6321 | 1 Gnu | 1 Tar | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Directory traversal vulnerability in the safer_name_suffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the file_name parameter, aka POINTYFEATHER. | |||||
CVE-2015-8983 | 1 Gnu | 1 Glibc | 2024-02-28 | 6.8 MEDIUM | 8.1 HIGH |
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow. |