Dusan Repel

**Name of the Vulnerable Software and Affected Versions** GNU binutils gold versions 1.11 through 1.16 GNU binutils versions 2.21 through 2.31.1 **Description** The issue is related to an out-of-bounds read in the gold/fileread.cc component of GNU Binutils. This can be exploited by a remote attacker to cause a denial of service. The attack vector involves an ELF file with an invalid e shoff header field. **Recommendations** For GNU binutils gold versions 1.11 through 1.16, update to a version outside of this range to resolve the issue. For GNU binutils versions 2.21 through 2.31.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to ELF files with invalid e shoff header fields to minimize the risk of exploitation.