AVG-1540 log

Package	binutils
Status	Fixed
Severity	Medium
Type	multiple issues
Affected	2.36.1-3
Fixed	2.38-1
Current	2.42-3 [core]
Ticket	None
Created	Sat Feb 6 13:45:56 2021

Issue	Severity	Remote	Type	Description
CVE-2021-20197	Medium	No	Arbitrary filesystem access	There is an open race window when writing output in the following utilities in GNU binutils: ar, objcopy, strip, ranlib. When these utilities are run as a...
CVE-2021-3648	Low	No	Denial of service	A flaw was discovered in GNU libiberty as distributed in GNU Binutils version 2.36.50. A crafted file can cause an infinite loop leading to a stack overflow...
CVE-2021-3530	Medium	No	Arbitrary code execution	A security issue was discovered in GNU libiberty, as distributed in GNU Binutils version 2.36. A crafted file can cause a stack-based buffer overflow in...

Issue

Severity

Remote

Type

Description

CVE-2021-20197

Medium

Arbitrary filesystem access

There is an open race window when writing output in the following utilities in GNU binutils: ar, objcopy, strip, ranlib. When these utilities are run as a...

CVE-2021-3648

Low

Denial of service

A flaw was discovered in GNU libiberty as distributed in GNU Binutils version 2.36.50. A crafted file can cause an infinite loop leading to a stack overflow...

CVE-2021-3530

Medium

Arbitrary code execution

A security issue was discovered in GNU libiberty, as distributed in GNU Binutils version 2.36. A crafted file can cause a stack-based buffer overflow in...