This page lists publicly disclosed CVE vulnerabilities affecting gnu binutils (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-47695 | An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c. | [email protected] | 7.8 | 0.46% | 2023-08-22 | 2026-06-17 |
| CVE-2022-47673 | An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. | [email protected] | 7.8 | 0.43% | 2023-08-22 | 2026-06-17 |
| CVE-2022-47011 | An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | [email protected] | 5.5 | 0.40% | 2023-08-22 | 2026-06-17 |
| CVE-2022-47010 | An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | [email protected] | 5.5 | 0.40% | 2023-08-22 | 2026-06-17 |
| CVE-2022-47008 | An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | [email protected] | 5.5 | 0.40% | 2023-08-22 | 2026-06-17 |
| CVE-2022-47007 | An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks. | [email protected] | 5.5 | 0.40% | 2023-08-22 | 2026-06-17 |
| CVE-2022-45703 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | [email protected] | 7.8 | 0.51% | 2023-08-22 | 2026-06-17 |
| CVE-2022-44840 | Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | [email protected] | 7.8 | 0.46% | 2023-08-22 | 2026-06-17 |
| CVE-2022-35206 | Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c. | [email protected] | 5.5 | 0.30% | 2023-08-22 | 2026-06-17 |
| CVE-2022-35205 | An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service. | [email protected] | 5.5 | 0.40% | 2023-08-22 | 2026-06-17 |
| CVE-2021-46174 | Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. | [email protected] | 7.5 | 0.70% | 2023-08-22 | 2026-06-17 |
| CVE-2020-35342 | GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. | [email protected] | 7.5 | 0.66% | 2023-08-22 | 2026-06-16 |
| CVE-2020-21490 | An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled. | [email protected] | 5.5 | 0.30% | 2023-08-22 | 2026-06-16 |
| CVE-2020-19726 | An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. | [email protected] | 8.8 | 0.66% | 2023-08-22 | 2026-06-16 |
| CVE-2020-19724 | A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command. | [email protected] | 5.5 | 0.27% | 2023-08-22 | 2026-06-16 |
| CVE-2021-32256 | An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c. | [email protected] | 6.5 | 0.67% | 2023-07-18 | 2026-06-16 |
| CVE-2023-1972 | A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | [email protected] | 6.5 | 0.90% | 2023-05-17 | 2026-06-17 |
| CVE-2023-1579 | Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | [email protected] | 7.8 | 0.49% | 2023-04-03 | 2026-06-17 |
| CVE-2022-4285 | An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | [email protected] | 5.5 | 0.44% | 2023-01-27 | 2026-06-17 |
| CVE-2022-38533 | In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | [email protected] | 5.5 | 0.31% | 2022-08-25 | 2026-06-17 |