Date published: 2017-09-12T04:29:00.443-04:00
Date last modified: 2017-09-18T13:25:49.693-04:00
CVSS Score: 4.3
Principal attack vector: NETWORK
Reference URL: https://sourceware.org/bugzilla/show_bug.cgi?id=21990
Summary: The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during “readelf -a” execution.