CVE-2017-9745

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.28

Description The issue allows remote attackers to cause a denial of service, resulting in a buffer overflow and application crash, or possibly have other unspecified impacts. This occurs via a crafted binary file, which is mishandled during execution of "objdump -D".

Recommendations For GNU Binutils version 2.28, consider avoiding the use of the objdump -D command with untrusted binary files until a fix is available. As a temporary workaround, restrict access to the bfd/vms-alpha.c library to minimize the risk of exploitation.