CVE-2017-14939

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29 and earlier

Description: The issue is related to a length calculation mishandling in the decode line info function within the dwarf2.c component of the Binary File Descriptor (BFD) library, also known as libbfd. This allows remote attackers to cause a denial of service, specifically a heap-based buffer over-read and application crash, by providing a crafted ELF file. The problem is associated with the read 1 byte function.

Recommendations: For GNU Binutils version 2.29 and earlier, consider updating to a newer version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.