{"id":"USN-4336-2","summary":"binutils vulnerabilities","details":"USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides\nthe corresponding update for Ubuntu 16.04 ESM.\n\nOriginal advisory details:\n\n It was discovered that GNU binutils contained a large number of security\n issues. If a user or automated system were tricked into processing a\n specially-crafted file, a remote attacker could cause GNU binutils to\n crash, resulting in a denial of service, or possibly execute arbitrary\n code.\n","modified":"2026-04-24T09:17:36.726221786Z","published":"2021-07-21T13:08:04Z","related":["UBUNTU-CVE-2016-2226","UBUNTU-CVE-2016-4487","UBUNTU-CVE-2016-4488","UBUNTU-CVE-2016-4489","UBUNTU-CVE-2016-4490","UBUNTU-CVE-2016-4491","UBUNTU-CVE-2016-4492","UBUNTU-CVE-2016-4493","UBUNTU-CVE-2016-6131","UBUNTU-CVE-2017-12448","UBUNTU-CVE-2017-12449","UBUNTU-CVE-2017-12450","UBUNTU-CVE-2017-12451","UBUNTU-CVE-2017-12452","UBUNTU-CVE-2017-12453","UBUNTU-CVE-2017-12454","UBUNTU-CVE-2017-12455","UBUNTU-CVE-2017-12456","UBUNTU-CVE-2017-12457","UBUNTU-CVE-2017-12458","UBUNTU-CVE-2017-12459","UBUNTU-CVE-2017-12799","UBUNTU-CVE-2017-12967","UBUNTU-CVE-2017-13710","UBUNTU-CVE-2017-14128","UBUNTU-CVE-2017-14129","UBUNTU-CVE-2017-14130","UBUNTU-CVE-2017-14333","UBUNTU-CVE-2017-14529","UBUNTU-CVE-2017-14930","UBUNTU-CVE-2017-14932","UBUNTU-CVE-2017-14938","UBUNTU-CVE-2017-14939","UBUNTU-CVE-2017-14940","UBUNTU-CVE-2017-15020","UBUNTU-CVE-2017-15021","UBUNTU-CVE-2017-15022","UBUNTU-CVE-2017-15024","UBUNTU-CVE-2017-15025","UBUNTU-CVE-2017-15225","UBUNTU-CVE-2017-15938","UBUNTU-CVE-2017-15939","UBUNTU-CVE-2017-15996","UBUNTU-CVE-2017-16826","UBUNTU-CVE-2017-16827","UBUNTU-CVE-2017-16828","UBUNTU-CVE-2017-16831","UBUNTU-CVE-2017-16832","UBUNTU-CVE-2017-17080","UBUNTU-CVE-2017-17121","UBUNTU-CVE-2017-17123","UBUNTU-CVE-2017-17124","UBUNTU-CVE-2017-17125","UBUNTU-CVE-2017-6965","UBUNTU-CVE-2017-6966","UBUNTU-CVE-2017-6969","UBUNTU-CVE-2017-7209","UBUNTU-CVE-2017-7210","UBUNTU-CVE-2017-7223","UBUNTU-CVE-2017-7224","UBUNTU-CVE-2017-7225","UBUNTU-CVE-2017-7226","UBUNTU-CVE-2017-7227","UBUNTU-CVE-2017-7299","UBUNTU-CVE-2017-7300","UBUNTU-CVE-2017-7301","UBUNTU-CVE-2017-7302","UBUNTU-CVE-2017-7614","UBUNTU-CVE-2017-8393","UBUNTU-CVE-2017-8394","UBUNTU-CVE-2017-8395","UBUNTU-CVE-2017-8396","UBUNTU-CVE-2017-8397","UBUNTU-CVE-2017-8398","UBUNTU-CVE-2017-8421","UBUNTU-CVE-2017-9038","UBUNTU-CVE-2017-9039","UBUNTU-CVE-2017-9040","UBUNTU-CVE-2017-9041","UBUNTU-CVE-2017-9042","UBUNTU-CVE-2017-9044","UBUNTU-CVE-2017-9742","UBUNTU-CVE-2017-9744","UBUNTU-CVE-2017-9745","UBUNTU-CVE-2017-9746","UBUNTU-CVE-2017-9747","UBUNTU-CVE-2017-9748","UBUNTU-CVE-2017-9749","UBUNTU-CVE-2017-9750","UBUNTU-CVE-2017-9751","UBUNTU-CVE-2017-9752","UBUNTU-CVE-2017-9753","UBUNTU-CVE-2017-9754","UBUNTU-CVE-2017-9755","UBUNTU-CVE-2017-9756","UBUNTU-CVE-2017-9954","UBUNTU-CVE-2018-1000876","UBUNTU-CVE-2018-10372","UBUNTU-CVE-2018-10373","UBUNTU-CVE-2018-10534","UBUNTU-CVE-2018-10535","UBUNTU-CVE-2018-12641","UBUNTU-CVE-2018-12697","UBUNTU-CVE-2018-12698","UBUNTU-CVE-2018-12699","UBUNTU-CVE-2018-12700","UBUNTU-CVE-2018-12934","UBUNTU-CVE-2018-13033","UBUNTU-CVE-2018-17358","UBUNTU-CVE-2018-17359","UBUNTU-CVE-2018-17360","UBUNTU-CVE-2018-17794","UBUNTU-CVE-2018-17985","UBUNTU-CVE-2018-18309","UBUNTU-CVE-2018-18483","UBUNTU-CVE-2018-18484","UBUNTU-CVE-2018-18605","UBUNTU-CVE-2018-18606","UBUNTU-CVE-2018-18607","UBUNTU-CVE-2018-18700","UBUNTU-CVE-2018-18701","UBUNTU-CVE-2018-19931","UBUNTU-CVE-2018-19932","UBUNTU-CVE-2018-20002","UBUNTU-CVE-2018-20623","UBUNTU-CVE-2018-20671","UBUNTU-CVE-2018-6323","UBUNTU-CVE-2018-6543","UBUNTU-CVE-2018-6759","UBUNTU-CVE-2018-7208","UBUNTU-CVE-2018-7568","UBUNTU-CVE-2018-7569","UBUNTU-CVE-2018-7642","UBUNTU-CVE-2018-7643","UBUNTU-CVE-2018-8945","UBUNTU-CVE-2018-9138","UBUNTU-CVE-2019-12972","UBUNTU-CVE-2019-14250","UBUNTU-CVE-2019-14444","UBUNTU-CVE-2019-17450","UBUNTU-CVE-2019-17451","UBUNTU-CVE-2019-9070","UBUNTU-CVE-2019-9071","UBUNTU-CVE-2019-9073","UBUNTU-CVE-2019-9074","UBUNTU-CVE-2019-9075","UBUNTU-CVE-2019-9077"],"upstream":["CVE-2017-8421","CVE-2017-9742","CVE-2017-9747","CVE-2017-9748","CVE-2017-9750","CVE-2017-9756","CVE-2018-12700","CVE-2018-20671","CVE-2018-6323","CVE-2018-6543","UBUNTU-CVE-2017-8421","UBUNTU-CVE-2017-9742","UBUNTU-CVE-2017-9747","UBUNTU-CVE-2017-9748","UBUNTU-CVE-2017-9750","UBUNTU-CVE-2017-9756","UBUNTU-CVE-2018-12700","UBUNTU-CVE-2018-20671","UBUNTU-CVE-2018-6323","UBUNTU-CVE-2018-6543"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4336-2"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-8421"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-9742"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-9747"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-9748"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-9750"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-9756"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-6323"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-6543"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-12700"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-20671"}],"affected":[{"package":{"name":"binutils","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/binutils@2.26.1-1ubuntu1~16.04.8+esm1?arch=source&distro=esm-infra/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.26.1-1ubuntu1~16.04.8+esm1"}]}],"versions":["2.25.1-6ubuntu1","2.25.51.20151022-0ubuntu2","2.25.51.20151022-0ubuntu3","2.25.51.20151027-0ubuntu1","2.25.51.20151028-0ubuntu1","2.25.51.20151106-0ubuntu1","2.25.51.20151113-1ubuntu1","2.25.51.20151113-2ubuntu1","2.25.90.20151125-1ubuntu1","2.25.90.20151125-2ubuntu1","2.25.90.20151211-0ubuntu1","2.25.90.20151211-0ubuntu2","2.25.90.20160101-1ubuntu1","2.25.90.20160101-1ubuntu2","2.26-2ubuntu1","2.26-3ubuntu1","2.26-4ubuntu1","2.26-5ubuntu1","2.26-6ubuntu1","2.26-7ubuntu2","2.26-8ubuntu1","2.26-8ubuntu2","2.26-8ubuntu2.1","2.26.1-1ubuntu1~16.04","2.26.1-1ubuntu1~16.04.1","2.26.1-1ubuntu1~16.04.3","2.26.1-1ubuntu1~16.04.4","2.26.1-1ubuntu1~16.04.5","2.26.1-1ubuntu1~16.04.6","2.26.1-1ubuntu1~16.04.7","2.26.1-1ubuntu1~16.04.8"],"ecosystem_specific":{"binaries":[{"binary_name":"binutils","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-aarch64-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-alpha-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-arm-linux-gnueabi","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-arm-linux-gnueabihf","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-hppa-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-hppa64-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-m68k-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-mips-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-mips64-linux-gnuabi64","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-mips64el-linux-gnuabi64","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-mipsel-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-multiarch","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-powerpc-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-powerpc-linux-gnuspe","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-powerpc64-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-powerpc64le-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-s390x-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-sh4-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-source","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"},{"binary_name":"binutils-sparc64-linux-gnu","binary_version":"2.26.1-1ubuntu1~16.04.8+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2017-8421","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2017-9742","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2017-9747","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2017-9748","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2017-9750","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2017-9756","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-6323","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-6543","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-12700","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-20671","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:Pro:16.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4336-2.json"}}],"schema_version":"1.7.5"}