CVE-2017-9747

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.28

Description The issue is related to the ieee archive p function in the BFD library, which may allow remote attackers to cause a denial of service, such as a buffer overflow and application crash, or possibly have other unspecified impacts. This can occur via a crafted binary file, as demonstrated by mishandling of the file during "objdump -D" execution.

Recommendations For GNU Binutils version 2.28, consider avoiding the use of the ieee archive p function until a patch is available, or refrain from processing crafted binary files with "objdump -D" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.