CVE-2017-14333CVE-2017-14333

Affected configuration(s):

cpe:/a:gnu:binutils:2.29

Date published: 2017-09-12T04:29:00.443-04:00

Date last modified: 2017-09-18T13:25:49.693-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: https://sourceware.org/bugzilla/show_bug.cgi?id=21990

Summary: The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during “readelf -a” execution.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.