CVE-2017-8421

MEDIUM Year: 2017
CVSS v3 Score
5.5
Medium
CVSS v2 Score
7.1
High
Weakness Type
CWE-772
View all →

Vulnerability Description

The function coff_set_alignment_hook in coffcode.h in Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a memory leak vulnerability which can cause memory exhaustion in objdump via a crafted PE file. Additional validation in dump_relocs_in_section in objdump.c can resolve this.

Related Vulnerabilities

CVE-2011-1488

MEDIUM
CVSS:5.5(Medium)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of th...

CWE-7722011

CVE-2011-1489

MEDIUM
CVSS:5.5(Medium)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than ...

CWE-7722011

CVE-2011-1490

MEDIUM
CVSS:5.5(Medium)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than o...

CWE-7722011

CVE-2011-2498

MEDIUM
CVSS:5.5(Medium)

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

CWE-7722011

CVE-2017-0697

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37239013.

CWE-7722017

CVE-2017-0726

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36389123.

CWE-7722017