Search CVE reports

21 – 30 of 235 results

Detailed view

Sort by:

CVE-2023-1972

Low priority

Some fixes available 9 of 11

A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

2 affected packages

binutils, gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Fixed	Fixed	Not affected	Not affected	Not affected
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2023-1579

Medium priority

Fixed

Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.

1 affected packages

binutils

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	—	Not affected	Not affected	Not affected	Not affected

A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.

1 affected packages

binutils

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	—	Fixed	Fixed	Fixed	Fixed

CVE-2023-25585

Medium priority

Fixed

A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.

1 affected packages

binutils

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	—	Fixed	Fixed	Fixed	Fixed

CVE-2023-25584

Medium priority

Some fixes available 4 of 6

An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.

1 affected packages

binutils

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	—	Fixed	Fixed	Fixed	Ignored

CVE-2022-4285

Low priority

Some fixes available 5 of 15

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

3 affected packages

binutils, binutils-avr, gdb

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Fixed	Not affected	Not affected	Not affected
binutils-avr	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gdb	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2021-3826

Low priority

Vulnerable

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

51 affected packages

binutils, gcc-10, gcc-11, gcc-12, gcc-13...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-10	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-11	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
gcc-12	Not affected	Not affected	Not in release	Ignored	Ignored
gcc-13	Not affected	Not in release	Not in release	Ignored	Ignored
gcc-3.3	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-4.4	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.6	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.7	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.7-armel-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.7-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-4.8-arm64-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.8-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-4.9	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-5	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-5-cross	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-6	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross-ports	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-7	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-7-cross	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-7-cross-ports	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-8	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-8-cross	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-8-cross-ports	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-9	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross-ports	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-arm-linux-androideabi	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-arm-none-eabi	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-avr	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-defaults	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-defaults-arm64-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armel-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-h8300-hms	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-i686-linux-android	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-m68hc1x	Not in release	Not affected	Not affected	Not affected	Not affected
gcc-mingw-w64	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-msp430	Not in release	Not affected	Not affected	Not affected	Not affected
gcc-opt	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-snapshot	Not affected	Not affected	Not affected	Not affected	Not affected
gccgo-4.9	Not in release	Not in release	Not in release	Not in release	Not in release
gccgo-6	Not in release	Not in release	Not in release	Not in release	Not affected
gdb	Not affected	Not affected	Not affected	Needs evaluation	Needs evaluation
libiberty	Not affected	Vulnerable	Not affected	Not affected	Not affected

CVE-2022-38533

Medium priority

Fixed

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.

1 affected packages

binutils

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	—	Fixed	Fixed	Fixed	Fixed

CVE-2022-27943

Low priority

Vulnerable

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

52 affected packages

binutils, crash, gcc-10, gcc-11, gcc-12...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Vulnerable	Not affected	Not affected	Not affected
crash	Not affected	Not affected	Not affected	Not affected	Not affected
gcc-10	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-11	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
gcc-12	Vulnerable	Vulnerable	Not in release	Not in release	Not in release
gcc-13	Not affected	Not in release	Not in release	Not in release	Not in release
gcc-3.3	Not affected	Not affected	Not affected	Not affected	Needs evaluation
gcc-4.4	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.6	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-4.7	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.7-armel-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.7-armhf-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-4.8-arm64-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8-armhf-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.8-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-4.9	Not in release	Not in release	Not in release	Not in release	Not affected
gcc-5	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-5-cross	Not in release	Not in release	Not in release	Not affected	Not affected
gcc-6	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-6-cross-ports	Not in release	Not in release	Not in release	Not affected	Not in release
gcc-7	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-7-cross	Not in release	Not in release	Not in release	Needs evaluation	Not in release
gcc-7-cross-ports	Not in release	Not in release	Not in release	Needs evaluation	Not in release
gcc-8	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-8-cross	Not in release	Not in release	Needs evaluation	Needs evaluation	Not in release
gcc-8-cross-ports	Not in release	Not in release	Not affected	Not affected	Not in release
gcc-9	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-9-cross-ports	Not affected	Not affected	Not affected	Not in release	Not in release
gcc-arm-linux-androideabi	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-arm-none-eabi	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-avr	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-defaults	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-defaults-arm64-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armel-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-armhf-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-powerpc-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-defaults-ppc64el-cross	Not in release	Not in release	Not in release	Not in release	Not in release
gcc-h8300-hms	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-i686-linux-android	Not in release	Not in release	Not in release	Not in release	Needs evaluation
gcc-m68hc1x	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-mingw-w64	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-msp430	Not in release	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-opt	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gcc-snapshot	Not affected	Ignored	Ignored	Not affected	Not affected
gccgo-4.9	Not in release	Not in release	Not in release	Not in release	Not in release
gccgo-6	Not in release	Not in release	Not in release	Not in release	Not affected
gdb	Not affected	Vulnerable	Not affected	Not affected	Not affected
libiberty	Not affected	Vulnerable	Not affected	Not affected	Not affected

CVE-2021-45078

Low priority

Some fixes available 2 of 6

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE:...

1 affected packages

binutils

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
binutils	Not affected	Not affected	Fixed	Vulnerable	Fixed

Export to JSON

Results by page: