binutils (SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS package binutils, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (44)
CVE-2020-19726 — CVSS 8.8 (high): An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory…
CVE-2022-47695 — CVSS 7.8 (high): An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via…
CVE-2022-47696 — CVSS 7.8 (high): An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via…
CVE-2022-47673 — CVSS 7.8 (high): An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a…
CVE-2022-45703 — CVSS 7.8 (high): Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.
CVE-2021-20294 — CVSS 7.8 (high): A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could…
CVE-2022-44840 — CVSS 7.8 (high): Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.
CVE-2021-45078 — CVSS 7.8 (high): stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow)…
CVE-2021-3530 — CVSS 7.5 (high): A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted…
CVE-2021-3826 — CVSS 6.5 (medium): Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of…
CVE-2023-1972 — CVSS 6.5 (medium): A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
CVE-2021-32256 — CVSS 6.5 (medium): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in…
CVE-2021-20197 — CVSS 6.3 (medium): There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip…
CVE-2022-4285 — CVSS 5.5 (medium): An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may…
CVE-2022-38533 — CVSS 5.5 (medium): In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in…
CVE-2020-16590 — CVSS 5.5 (medium): A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as…
CVE-2020-16591 — CVSS 5.5 (medium): A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in…
CVE-2020-16592 — CVSS 5.5 (medium): A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as…
CVE-2020-16593 — CVSS 5.5 (medium): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2020-16599 — CVSS 5.5 (medium): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils…
CVE-2020-35493 — CVSS 5.5 (medium): A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap…
CVE-2020-35496 — CVSS 5.5 (medium): There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file…
CVE-2020-35507 — CVSS 5.5 (medium): There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able…
CVE-2021-20284 — CVSS 5.5 (medium): A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due…
CVE-2021-46195 — CVSS 5.5 (medium): GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust-demangle.c. This vulnerability allows…
CVE-2022-27943 — CVSS 5.5 (medium): libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
CVE-2022-35205 — CVSS 5.5 (medium): An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause…
CVE-2022-35206 — CVSS 5.5 (medium): Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.
CVE-2022-48063 — CVSS 5.5 (medium): GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files…
CVE-2022-48064 — CVSS 5.5 (medium): GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_li…
CVE-2022-48065 — CVSS 5.5 (medium): GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.
CVE-2023-25588 — CVSS 4.7 (medium): A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function…
CVE-2023-25585 — CVSS 4.7 (medium): A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial…
CVE-2023-0687 — CVSS 4.6 (medium): A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function __monstartup of…
CVE-2020-35448 — CVSS 3.3 (low): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based…
CVE-2022-38127: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…
CVE-2022-38126: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…
CVE-2021-3487: Rejected reason: Non Security Issue. See the binutils security policy for more details, https://sourceware.org/cgit/binutils-gdb/tree/binuti…
CVE-2021-3648: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3530. Reason: This candidate is a reservation duplicate of…
CVE-2023-25587: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…
CVE-2020-16598: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation…
CVE-2023-2222: Rejected reason: This was deemed not a security vulnerability by upstream.