GNU Binutils 2.40

CPE Details

GNU Binutils 2.40
gnu
binutils
2.40
2022-08-30
11h55 +00:00
2022-09-03
01h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:binutils:2.40:*:*:*:*:*:*:*

Informations

Vendor

gnu

Product

binutils

Version

2.40

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-0840 2025-01-29 20h00 +00:00 A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.
6.3
Medium
CVE-2023-25585 2023-09-14 20h50 +00:00 A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.
5.5
Medium
CVE-2023-25586 2023-09-14 20h49 +00:00 A flaw was found in Binutils. A logic fail in the bfd_init_section_decompress_status function may lead to the use of an uninitialized variable that can cause a crash and local denial of service.
5.5
Medium
CVE-2023-25588 2023-09-14 20h47 +00:00 A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.
5.5
Medium
CVE-2023-1972 2023-05-17 00h00 +00:00 A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.
6.5
Medium