Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

21 – 30 of 235 results


CVE-2023-1972

Low priority

Some fixes available 9 of 11

A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability.

2 affected packages

binutils, gdb

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Fixed Fixed Not affected Not affected Not affected
gdb Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-1579

Medium priority
Fixed

Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.

1 affected packages

binutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-25588

Medium priority
Fixed

A flaw was found in Binutils. The field `the_bfd` of `asymbol`struct is uninitialized in the `bfd_mach_o_get_synthetic_symtab` function, which may lead to an application crash and local denial of service.

1 affected packages

binutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-25585

Medium priority
Fixed

A flaw was found in Binutils. The use of an uninitialized field in the struct module *module may lead to application crash and local denial of service.

1 affected packages

binutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-25584

Medium priority

Some fixes available 4 of 6

An out-of-bounds read flaw was found in the parse_module function in bfd/vms-alpha.c in Binutils.

1 affected packages

binutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Fixed Fixed Fixed Ignored
Show less packages

CVE-2022-4285

Low priority

Some fixes available 5 of 16

An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.

3 affected packages

binutils, binutils-avr, gdb

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Fixed Not affected Not affected Not affected
binutils-avr Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gdb Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2021-3826

Low priority
Vulnerable

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symbol.

51 affected packages

binutils, gcc-10, gcc-11, gcc-12, gcc-13...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Not affected Not affected Not affected Not affected
gcc-10 Not affected Not affected Not affected Not in release Not in release
gcc-11 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-12 Not affected Not affected Not in release Ignored Ignored
gcc-13 Not affected Not in release Not in release Ignored Ignored
gcc-3.3 Not affected Not affected Not affected Not affected Not affected
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8 Not in release Not in release Not in release Not affected Not affected
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Not affected
gcc-4.9 Not in release Not in release Not in release Not in release Not affected
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Not affected Not affected
gcc-6 Not in release Not in release Not in release Not affected Not in release
gcc-6-cross Not in release Not in release Not in release Not affected Not in release
gcc-6-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-7 Not in release Not in release Not affected Not affected Not in release
gcc-7-cross Not in release Not in release Not in release Not affected Not in release
gcc-7-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-8 Not in release Not in release Not affected Not affected Not in release
gcc-8-cross Not in release Not in release Not affected Not affected Not in release
gcc-8-cross-ports Not in release Not in release Not affected Not affected Not in release
gcc-9 Not affected Not affected Not affected Not in release Not in release
gcc-9-cross Not affected Not affected Not affected Not in release Not in release
gcc-9-cross-ports Not affected Not affected Not affected Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Not affected
gcc-arm-none-eabi Not affected Not affected Not affected Not affected Not affected
gcc-avr Not affected Not affected Not affected Not affected Not affected
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Not affected Not affected Not affected Not affected Not affected
gcc-i686-linux-android Not in release Not in release Not in release Not in release Not affected
gcc-m68hc1x Not in release Not affected Not affected Not affected Not affected
gcc-mingw-w64 Not affected Not affected Not affected Not affected Not affected
gcc-msp430 Not in release Not affected Not affected Not affected Not affected
gcc-opt Not affected Not affected Not affected Not affected Not affected
gcc-snapshot Not affected Not affected Not affected Not affected Not affected
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
gdb Not affected Not affected Not affected Needs evaluation Needs evaluation
libiberty Not affected Vulnerable Not affected Not affected Not affected
Show all 51 packages Show less packages

CVE-2022-38533

Medium priority
Fixed

In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.

1 affected packages

binutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-27943

Low priority
Vulnerable

libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.

52 affected packages

binutils, crash, gcc-10, gcc-11, gcc-12...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Vulnerable Not affected Not affected Not affected
crash Not affected Not affected Not affected Not affected Not affected
gcc-10 Not affected Not affected Not affected Not in release Not in release
gcc-11 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-12 Vulnerable Vulnerable Not in release Not in release Not in release
gcc-13 Not affected Not in release Not in release Not in release Not in release
gcc-3.3 Not affected Not affected Not affected Not affected Needs evaluation
gcc-4.4 Not in release Not in release Not in release Not in release Not in release
gcc-4.6 Not in release Not in release Not in release Not in release Not in release
gcc-4.7 Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.7-armel-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.7-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8 Not in release Not in release Not in release Not affected Not affected
gcc-4.8-arm64-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-armhf-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-powerpc-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.8-ppc64el-cross Not in release Not in release Not in release Not in release Needs evaluation
gcc-4.9 Not in release Not in release Not in release Not in release Not affected
gcc-5 Not in release Not in release Not in release Not affected Not affected
gcc-5-cross Not in release Not in release Not in release Not affected Not affected
gcc-6 Not in release Not in release Not in release Not affected Not in release
gcc-6-cross Not in release Not in release Not in release Not affected Not in release
gcc-6-cross-ports Not in release Not in release Not in release Not affected Not in release
gcc-7 Not in release Not in release Not affected Not affected Not in release
gcc-7-cross Not in release Not in release Not in release Needs evaluation Not in release
gcc-7-cross-ports Not in release Not in release Not in release Needs evaluation Not in release
gcc-8 Not in release Not in release Not affected Not affected Not in release
gcc-8-cross Not in release Not in release Needs evaluation Needs evaluation Not in release
gcc-8-cross-ports Not in release Not in release Not affected Not affected Not in release
gcc-9 Not affected Not affected Not affected Not in release Not in release
gcc-9-cross Not affected Not affected Not affected Not in release Not in release
gcc-9-cross-ports Not affected Not affected Not affected Not in release Not in release
gcc-arm-linux-androideabi Not in release Not in release Not in release Not in release Needs evaluation
gcc-arm-none-eabi Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-avr Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-defaults Not affected Not affected Not affected Not affected Not affected
gcc-defaults-arm64-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armel-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-armhf-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-powerpc-cross Not in release Not in release Not in release Not in release Not in release
gcc-defaults-ppc64el-cross Not in release Not in release Not in release Not in release Not in release
gcc-h8300-hms Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-i686-linux-android Not in release Not in release Not in release Not in release Needs evaluation
gcc-m68hc1x Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-mingw-w64 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-msp430 Not in release Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-opt Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gcc-snapshot Not affected Ignored Ignored Not affected Not affected
gccgo-4.9 Not in release Not in release Not in release Not in release Not in release
gccgo-6 Not in release Not in release Not in release Not in release Not affected
gdb Not affected Vulnerable Not affected Not affected Not affected
libiberty Not affected Vulnerable Not affected Not affected Not affected
Show all 52 packages Show less packages

CVE-2021-45078

Low priority

Some fixes available 2 of 6

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE:...

1 affected packages

binutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
binutils Not affected Not affected Fixed Vulnerable Fixed
Show less packages