Information on source package binutils

Available versions

ReleaseVersion
wheezy2.22-8+deb7u2
wheezy (security)2.22-8+deb7u3
jessie2.25-5+deb8u1
stretch2.28-5
buster2.29.1-4
sid2.29.1-5

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9955vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe get_build_id function in opncls.c in the Binary File Descriptor ...
CVE-2017-9954vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe getvalue function in tekhex.c in the Binary File Descriptor (BFD) ...
CVE-2017-9756vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU ...
CVE-2017-9755vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedopcodes/i386-dis.c in GNU Binutils 2.28 does not consider the number of ...
CVE-2017-9754vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe process_otr function in bfd/versados.c in the Binary File ...
CVE-2017-9753vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe versados_mkobject function in bfd/versados.c in the Binary File ...
CVE-2017-9752vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedbfd/vms-alpha.c in the Binary File Descriptor (BFD) library (aka ...
CVE-2017-9751vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedopcodes/rl78-decode.opc in GNU Binutils 2.28 has an unbounded GETBYTE ...
CVE-2017-9750vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedopcodes/rx-decode.opc in GNU Binutils 2.28 lacks bounds checks for ...
CVE-2017-9749vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe *regs* macros in opcodes/bfin-dis.c in GNU Binutils 2.28 allow ...
CVE-2017-9748vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe ieee_object_p function in bfd/ieee.c in the Binary File Descriptor ...
CVE-2017-9747vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe ieee_archive_p function in bfd/ieee.c in the Binary File Descriptor ...
CVE-2017-9746vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe disassemble_bytes function in objdump.c in GNU Binutils 2.28 allows ...
CVE-2017-9745vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File ...
CVE-2017-9744vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe sh_elf_set_mach_from_flags function in bfd/elf32-sh.c in the Binary ...
CVE-2017-9743vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe print_insn_score32 function in opcodes/score7-dis.c:552 in GNU ...
CVE-2017-9742vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 ...
CVE-2017-9044vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe print_symbol_for_build_attribute function in readelf.c in GNU ...
CVE-2017-9043vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedreadelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large ...
CVE-2017-9042vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedreadelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in ...
CVE-2017-9041vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedGNU Binutils 2.28 allows remote attackers to cause a denial of service ...
CVE-2017-9040vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedGNU Binutils 2017-04-03 allows remote attackers to cause a denial of ...
CVE-2017-9039vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedGNU Binutils 2.28 allows remote attackers to cause a denial of service ...
CVE-2017-9038vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedGNU Binutils 2.28 allows remote attackers to cause a denial of service ...
CVE-2017-8421vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe function coff_set_alignment_hook in coffcode.h in Binary File ...
CVE-2017-8398vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixeddwarf.c in GNU Binutils 2.28 is vulnerable to an invalid read of size 1 ...
CVE-2017-8397vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-8396vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-8395vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-8394vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-8393vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7614vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedelflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...
CVE-2017-7304fixedvulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7303fixedvulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7302vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7301vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7300vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7299vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7227vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedGNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based ...
CVE-2017-7226vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe pe_ILF_object_p function in the Binary File Descriptor (BFD) ...
CVE-2017-7225vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe find_nearest_line function in addr2line in GNU Binutils 2.28 does ...
CVE-2017-7224vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe find_nearest_line function in objdump in GNU Binutils 2.28 is ...
CVE-2017-7223vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedGNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer ...
CVE-2017-7210vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedobjdump in GNU Binutils 2.28 is vulnerable to multiple heap-based ...
CVE-2017-6969vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedreadelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer ...
CVE-2017-6966vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedreadelf in GNU Binutils 2.28 has a use-after-free (specifically ...
CVE-2017-6965vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedreadelf in GNU Binutils 2.28 writes to illegal addresses while ...
CVE-2017-15225vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerable_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File ...
CVE-2017-15025vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerabledecode_line_info in dwarf2.c in the Binary File Descriptor (BFD) ...
CVE-2017-15024vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerablefind_abstract_instance_name in dwarf2.c in the Binary File Descriptor ...
CVE-2017-15023vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableread_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) ...
CVE-2017-15022vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerabledwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...
CVE-2017-15021vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerablebfd_get_debug_link_info_1 in opncls.c in the Binary File Descriptor ...
CVE-2017-15020vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerabledwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as ...
CVE-2017-14974vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe *_get_synthetic_symtab functions in the Binary File Descriptor ...
CVE-2017-14940vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerablescan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) ...
CVE-2017-14939vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerabledecode_line_info in dwarf2.c in the Binary File Descriptor (BFD) ...
CVE-2017-14938vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerable_bfd_elf_slurp_version_tables in elf.c in the Binary File Descriptor ...
CVE-2017-14934vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableprocess_debug_info in dwarf.c in the Binary File Descriptor (BFD) ...
CVE-2017-14933vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableread_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) ...
CVE-2017-14932vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerabledecode_line_info in dwarf2.c in the Binary File Descriptor (BFD) ...
CVE-2017-14930vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableMemory leak in decode_line_info in dwarf2.c in the Binary File ...
CVE-2017-14745vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe *_get_synthetic_symtab functions in the Binary File Descriptor ...
CVE-2017-14729vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe *_get_synthetic_symtab functions in the Binary File Descriptor ...
CVE-2017-14529vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe pe_print_idata function in peXXigen.c in the Binary File Descriptor ...
CVE-2017-14333vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe process_version_sections function in readelf.c in GNU Binutils 2.29 ...
CVE-2017-14130vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe _bfd_elf_parse_attributes function in elf-attrs.c in the Binary ...
CVE-2017-14129vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe read_section function in dwarf2.c in the Binary File Descriptor ...
CVE-2017-14128vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe decode_line_info function in dwarf2.c in the Binary File Descriptor ...
CVE-2017-13757vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-13716vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerableThe C++ symbol demangler routine in cplus-dem.c in libiberty, as ...
CVE-2017-13710vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe setup_group function in elf.c in the Binary File Descriptor (BFD) ...
CVE-2017-12967vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe getsym function in tekhex.c in the Binary File Descriptor (BFD) ...
CVE-2017-12799vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe elf_read_notesfunction in bfd/elf.c in GNU Binutils 2.29 allows ...
CVE-2017-12459vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe bfd_mach_o_read_symtab_strtab function in bfd/mach-o.c in the ...
CVE-2017-12458vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe nlm_swap_auxiliary_headers_in function in bfd/nlmcode.h in the ...
CVE-2017-12457vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe bfd_make_section_with_flags function in section.c in the Binary ...
CVE-2017-12456vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe read_symbol_stabs_debugging_info function in rddbg.c in GNU ...
CVE-2017-12455vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe evax_bfd_print_emh function in vms-alpha.c in the Binary File ...
CVE-2017-12454vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe _bfd_vms_slurp_egsd function in bfd/vms-alpha.c in the Binary File ...
CVE-2017-12453vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe _bfd_vms_slurp_eeom function in libbfd.c in the Binary File ...
CVE-2017-12452vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe bfd_mach_o_i386_canonicalize_one_reloc function in ...
CVE-2017-12451vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe _bfd_xcoff_read_ar_hdr function in bfd/coff-rs6000.c and ...
CVE-2017-12450vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe alpha_vms_object_p function in bfd/vms-alpha.c in the Binary File ...
CVE-2017-12449vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe _bfd_vms_save_sized_string function in vms-misc.c in the Binary ...
CVE-2017-12448vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)fixedfixedThe bfd_cache_close function in bfd/cache.c in the Binary File ...
CVE-2016-6131fixedvulnerable (no DSA, ignored)fixedfixedfixedThe demangler in GNU Libiberty allows remote attackers to cause a ...
CVE-2016-4493fixedvulnerable (no DSA, ignored)fixedfixedfixedThe demangle_template_value_parm and do_hpacc_template_literal ...
CVE-2016-4492fixedvulnerable (no DSA, ignored)fixedfixedfixedBuffer overflow in the do_type function in cplus-dem.c in libiberty ...
CVE-2016-4491vulnerable (no DSA)vulnerable (no DSA, ignored)fixedfixedfixedThe d_print_comp function in cp-demangle.c in libiberty allows remote ...
CVE-2016-4490fixedvulnerable (no DSA, ignored)fixedfixedfixedInteger overflow in cp-demangle.c in libiberty allows remote attackers ...
CVE-2016-4489fixedvulnerable (no DSA, ignored)fixedfixedfixedInteger overflow in the gnu_special function in libiberty allows ...
CVE-2016-4488fixedvulnerable (no DSA, ignored)fixedfixedfixedUse-after-free vulnerability in libiberty allows remote attackers to ...
CVE-2016-4487fixedvulnerable (no DSA, ignored)fixedfixedfixedUse-after-free vulnerability in libiberty allows remote attackers to ...
CVE-2016-2226fixedvulnerable (no DSA, ignored)fixedfixedfixedInteger overflow in the string_appends function in cplus-dem.c in ...
CVE-2014-9939fixedvulnerable (no DSA, ignored)fixedfixedfixedihex.c in GNU Binutils before 2.26 contains a stack buffer overflow ...

Resolved issues

BugDescription
TEMP-0000000-E52D56Integer overflow in binutils' ELF parsing
CVE-2017-8392The Binary File Descriptor (BFD) library (aka libbfd), as distributed ...
CVE-2017-7209The dump_section_as_bytes function in readelf in GNU Binutils 2.28 ...
CVE-2014-8738The _bfd_slurp_extended_name_table function in bfd/archive.c in GNU ...
CVE-2014-8737Multiple directory traversal vulnerabilities in GNU binutils 2.24 and ...
CVE-2014-8504Stack-based buffer overflow in the srec_scan function in bfd/srec.c in ...
CVE-2014-8503Stack-based buffer overflow in the ihex_scan function in bfd/ihex.c in ...
CVE-2014-8502Heap-based buffer overflow in the pe_print_edata function in ...
CVE-2014-8501The _bfd_XXi_swap_aouthdr_in function in bfd/peXXigen.c in GNU ...
CVE-2014-8485The setup_group function in bfd/elf.c in libbfd in GNU binutils 2.24 ...
CVE-2014-8484The srec_scan function in bfd/srec.c in libdbfd in GNU binutils before ...
CVE-2012-3509Multiple integer overflows in the (1) _objalloc_alloc function in ...
CVE-2008-2310Format string vulnerability in c++filt in Apple Mac OS X 10.5 before ...
CVE-2006-2362Buffer overflow in getsym in tekhex.c in libbfd in Free Software ...
CVE-2006-0646ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain ...
CVE-2005-4808Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) ...
CVE-2005-4807Stack-based buffer overflow in the as_bad function in messages.c in ...

Security announcements

DSA / DLADescription
DLA-552-1binutils - security update
DLA-324-1binutils - security update
DLA-184-1binutils - security update
DSA-3123-1binutils - security update

Search for package or bug name: Reporting problems