Package "binutils-sh4-linux-gnu"
| Name: |
binutils-sh4-linux-gnu
|
Description: |
GNU binary utilities, for sh4-linux-gnu target
|
| Latest version: |
2.38-4ubuntu2.10 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
universe |
| Head package: |
binutils |
| Homepage: |
https://www.gnu.org/software/binutils/ |
Links
Download "binutils-sh4-linux-gnu"
Other versions of "binutils-sh4-linux-gnu" in Jammy
Changelog
|
binutils (2.38-4ubuntu2.10) jammy-security; urgency=medium
* SECURITY UPDATE: Heap based buffer overflow
- debian/patches/CVE-2025-11082.patch: avoid reads of beyond
.eh_frame section in bfd/elf-eh-frame.c.
- CVE-2025-11082
* SECURITY UPDATE: Heap based buffer overflow
- debian/patches/CVE-2025-11083.patch: fix in bfd/elfcode.h.
- CVE-2025-11083
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2025-1147.patch: fix treating an ifunc symbol
as a stab in binutils/nm.c, binutils/testsuite/binutils-all/nm.exp.
- CVE-2025-1147
* SECURITY UPDATE: Memory leak
- debian/patches/CVE-2025-1148.patch: replace xmalloc with stat_alloc
in ld parser in multiple files.
- CVE-2025-1148
* SECURITY UPDATE: Memory leak
- debian/patches/CVE-2025-3198.patch: fix memory leak
inbinutils/bucomm.c.
- CVE-2025-3198
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2025-5244.patch: fix segfault
in bfd/elflink.c
- CVE-2025-5244
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2025-5245.patch: fix segfault
in binutils/debug.c
- CVE-2025-5245
* SECURITY UPDATE: Heap-based buffer overflow
- debian/patches/CVE-2025-7545.patch: check size
of copy_section in binutils/objcopy.c
- CVE-2025-7545
* SECURITY UPDATE: Memory leak
- debian/patches/CVE-2025-8225.patch: fix in binutils/dwarf.c.
- CVE-2025-8225
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 22 Oct 2025 09:58:08 -0300
|
| Source diff to previous version |
| CVE-2025-11082 |
A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. |
| CVE-2025-11083 |
A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component |
| CVE-2025-1147 |
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::intern |
| CVE-2025-1148 |
A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/l |
| CVE-2025-3198 |
A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info o |
| CVE-2025-5244 |
A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file |
| CVE-2025-5245 |
A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/de |
| CVE-2025-7545 |
A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file bin |
| CVE-2025-8225 |
A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils |
|
|
binutils (2.38-4ubuntu2.8) jammy-security; urgency=medium
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2025-1153.patch: introduces new variant of einfo
called 'fatal' that always exits in ld/*.
- CVE-2025-1153
* SECURITY UPDATE: Heap based buffer overflow
- debian/patches/CVE-2025-1176.patch: prevent illegal memory access
when indexing into the sym_hashes array in bfd/elflink.c.
- CVE-2025-1176
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2025-1178.patch: prevent an abort in the bfd linkder
when attempting to generate dynamic relocs for a corrupt input file
in bfd/elf64-x86-64.c.
- CVE-2025-1178
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2025-1181-pre.patch: prevent illegal memory access
when checking relocs in a corrupt ELF binary in bfd/elf-bfd.h,
bfd/elf64-x86-64.c, bfd/elflink.c, bfd/elfxx-x86.c.
- debian/patches/CVE-2025-1181.patch: add even more checks for corrupt
input when processing relocations for ELF files in bdf/elflink.c.
- CVE-2025-1181
* SECURITY UPDATE: Memory corruption
- debian/patches/CVE-2025-1182.patch: fix illegal memory access
triggered by corrupt ELF input files in bfd/elflink.c.
- CVE-2025-1182
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 17 Mar 2025 16:24:06 -0300
|
| Source diff to previous version |
| CVE-2025-1153 |
A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the f |
| CVE-2025-1176 |
A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink. |
| CVE-2025-1178 |
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the |
| CVE-2025-1181 |
A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/ |
| CVE-2025-1182 |
A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the fil |
|
|
binutils (2.38-4ubuntu2.7) jammy-security; urgency=medium
* SECURITY UPDATE: Incorrect access control
- debian/patches/CVE-2024-57360.patch: avoid potential
segmentation fault when displaying symbols without version
info in binutils/nm.c.
- CVE-2024-57360
* SECURITY UPDATE: Stack-based overflow
- debian/patches/CVE-2025-0840.patch: fixing boundaries
checking in binutils/objdump.c.
- CVE-2025-0840
-- Leonidas Da Silva Barbosa <email address hidden> Wed, 05 Feb 2025 12:56:02 -0300
|
| Source diff to previous version |
| CVE-2024-57360 |
https://www.gnu.org/software/binutils/ nm >=2.43 is affected by: Incor ... |
| CVE-2025-0840 |
A vulnerability, which was classified as problematic, was found in GNU ... |
|
|
binutils (2.38-4ubuntu2.6) jammy-security; urgency=medium
* SECURITY UPDATE: segmentation fault in objdump.c compare_symbols
- debian/patches/CVE-2022-47695.patch: test symbol flags to exclude
section and synthetic symbols before attempting to check flavour
(compare_symbols).
- CVE-2022-47695
* SECURITY UPDATE: excessive memory allocation in objdump.c
- debian/patches/CVE-2022-48063.patch: check that the amount of memory to
be allocated matches the size of the section
(load_specific_debug_section).
- CVE-2022-48063
* SECURITY UPDATE: Memory leak in find_abstract_instance in dwarf2.c
- debian/patches/CVE-2022-48065.patch: remove memory leaks due to double
allocation of the name variable, and free memory before re-assigning a
new naming variable
- CVE-2022-48065
-- Nick Galanis <email address hidden> Tue, 23 Jan 2024 15:08:56 +0000
|
| Source diff to previous version |
| CVE-2022-47695 |
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_ma |
| CVE-2022-48063 |
GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2 |
| CVE-2022-48065 |
GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. |
|
|
binutils (2.38-4ubuntu2.5) jammy-security; urgency=medium
* SECURITY UPDATE: heap buffer overflow in dwarf.c
- debian/patches/CVE-2022-44840.patch: delete range check (end_cu_tu_entry
and add_shndx_to_cu_tu_entry) and fill shndx_pool by directly scanning
pool, rather than indirectly from index entries (process_cu_tu_index).
- CVE-2022-44840
* SECURITY UPDATE: heap buffer overflow in dwarf.c
- debian/patches/CVE-2022-45703-0.patch: combine sanity checks. Calculate
element counts, not word counts (display_gdb_index).
- debian/patches/CVE-2022-45703-1.patch: typo fix.
- CVE-2022-45703
* SECURITY UPDATE: memory leak in stabs.c
- debian/patches/CVE-2022-47007.patch: free dt on failure path
(stab_demangle_v3_arg).
- CVE-2022-47007
* SECURITY UPDATE: memory leak in bucomm.c
- debian/patches/CVE-2022-47008.patch: free template on all failure paths
(make_tempdir, make_tempname).
- CVE-2022-47008
* SECURITY UPDATE: memory leak in prdbg.c
- debian/patches/CVE-2022-47010.patch: free "s" on failure path
(pr_function_type).
- CVE-2022-47010
* SECURITY UPDATE: memory leak in stabs.c
- debian/patches/CVE-2022-47011.patch: free "fields" on failure path
(parse_stab_struct_fields).
- CVE-2022-47011
-- Nick Galanis <email address hidden> Wed, 03 Jan 2024 13:16:50 +0200
|
| CVE-2022-44840 |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. |
| CVE-2022-45703 |
Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. |
| CVE-2022-47007 |
An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to mem |
| CVE-2022-47008 |
An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of servic |
| CVE-2022-47010 |
An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory |
| CVE-2022-47011 |
An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to |
|
About
-
Send Feedback to @ubuntu_updates
