CVE-2017-9744

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.28

Description The issue is related to the sh elf set mach from flags function in the BFD library, which can be exploited by remote attackers using a crafted binary file. This can lead to a denial of service, causing a buffer overflow and application crash, and potentially have other unspecified impacts. The vulnerability can be triggered during the execution of "objdump -D" with a malicious binary file.

Recommendations For GNU Binutils version 2.28, consider updating to a newer version that addresses this issue. As a temporary workaround, restrict the use of the sh elf set mach from flags function in the BFD library to minimize the risk of exploitation. Avoid processing untrusted binary files with "objdump -D" until the issue is resolved.