Manh-Dung Nguyen

**Name of the Vulnerable Software and Affected Versions** Artifex Software, Inc. MuPDF library versions 1.17.0-rc1 and earlier **Description** A Use After Free issue exists when a valid page is followed by a page with invalid pixmap dimensions, causing `bander` - a static - to point to previously freed memory instead of a `newband writer`. **Recommendations** For versions 1.17.0-rc1 and earlier, consider updating to a newer version to mitigate the risk, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils versions 2.34 through 2.35 **Description** A double free vulnerability exists in the Binary File Descriptor (BFD) (also known as libbrd) in GNU Binutils. This issue is related to an error in the process symbol table function, as demonstrated in readelf, and can be exploited via a crafted file. The vulnerability may allow an attacker to cause a denial of service. **Recommendations** For GNU Binutils version 2.34, consider updating to a version later than 2.35 to resolve the issue. For GNU Binutils version 2.35, as a temporary workaround, consider restricting the use of the process symbol table function in readelf until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils versions 2.34 through 2.35 **Description** A Denial of Service issue exists in the Binary File Descriptor (BFD) due to an invalid read in the `process symbol table` function. This can allow an attacker to cause a denial of service. **Recommendations** For GNU Binutils version 2.34, consider disabling the `process symbol table` function as a temporary workaround until a patch is available. For GNU Binutils version 2.35, consider disabling the `process symbol table` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils versions 2.34 through 2.35 **Description** A Null Pointer Dereference issue exists in the Binary File Descriptor (BFD) library, as distributed in GNU Binutils, in the ` bfd elf get symbol version string` function, which can cause a denial of service via a crafted file. This issue can be demonstrated in nm-new. **Recommendations** For GNU Binutils version 2.34, update to a version later than 2.35 to resolve the issue. For GNU Binutils version 2.35, consider disabling the ` bfd elf get symbol version string` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GNU patch versions prior to 2.7.7 **Description** The issue is related to a Double Free vulnerability in the `another hunk` function in `pch.c`, which can cause a denial of service via a crafted patch file. **Recommendations** For GNU patch versions prior to 2.7.7, update to version 2.7.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The Binary File Descriptor library is susceptible to an invalid read and write during the processing of a corrupt binary. This issue leads to a crash in programs that analyze binary programs using the affected library, such as objdump. **Recommendations** For GNU Binutils version 2.28, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The Binary File Descriptor library is prone to an invalid read of size 8 due to a missing check for NULL symbols in the ` bfd dwarf2 find nearest line` function. This issue causes programs that analyze binary programs using the library, such as objdump, to crash. **Recommendations** For GNU Binutils version 2.28, consider applying a patch that adds a check to determine whether symbols are NULL in the ` bfd dwarf2 find nearest line` function to prevent the invalid read.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The issue arises from an invalid read of size 1 during the dumping of debug information from a corrupt binary in the dwarf.c file. This causes programs like objdump and readelf, which analyze binary programs, to crash. **Recommendations** For GNU Binutils version 2.28, consider updating to a newer version that contains a fix for this issue to prevent programs like objdump and readelf from crashing when analyzing corrupt binaries.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The Binary File Descriptor library is prone to a global buffer over-read error due to an incorrect assumption about the naming of SHT REL/SHR RELA sections. This issue affects programs that analyze binary programs using the library, such as objcopy and strip, causing them to crash. **Recommendations** For GNU Binutils version 2.28, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The Binary File Descriptor library is prone to an invalid read of size 4 due to NULL pointer dereferencing of ` bfd elf large com section`. This issue causes programs that analyze binary programs using the libbfd library, such as objcopy, to crash. **Recommendations** For GNU Binutils version 2.28, consider updating to a newer version to resolve the issue, as the current version is affected by the NULL pointer dereferencing vulnerability in the ` bfd elf large com section` function.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The Binary File Descriptor (BFD) library is vulnerable due to a missing malloc() return-value check in the bfd generic get section contents function, causing an invalid write of size 8. This issue affects programs that analyze binary programs using the libbfd library, such as objcopy, leading to crashes. **Recommendations** For GNU Binutils version 2.28, consider applying a patch that adds a malloc() return-value check to the bfd generic get section contents function to prevent invalid writes and subsequent crashes.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.28 **Description** The Binary File Descriptor library is susceptible to an invalid read due to inadequate reloc offset range tests, which failed to account for small negative offsets. This issue can cause programs utilizing the library, such as objdump, to crash when analyzing binary programs. **Recommendations** For GNU Binutils version 2.28, update to a version that includes the fix for the invalid read issue in the Binary File Descriptor library.