| Errata ID | 128 |
|---|---|
| Date | 2015-03-25 |
| Source package | binutils |
| Fixed in version | 2.22-8.30.201503161736 |
| Description | Multiple security issues have been found in binutils and the included bfd library, which is e.g. used by strings(1), nm(1), objdump(1) or gdb(1): * Invalid read in libbfd (CVE-2014-8484) * Buffer overflow in libbfd (CVE-2014-8485) * Out of bounds write when parsing PE executables (CVE-2014-8501) * Heap overflow in objdump (CVE-2014-8502) * Buffer overflow in objdump when parsing ihex files (CVE-2014-8503) * Buffer overflow in parsing S-Records (CVE-2014-8504) * Directory traversal in ar and objcopy (CVE-2014-8737) * Out of bounds write in ar (CVE-2014-8738) |
| Additional notes | |
| CVE ID | CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 |
| UCS Bug number | #36983 |
