Guodong Zhu

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.30 **Description** The issue is related to the ` bfd XX bfd copy private bfd data common` function in the Binary File Descriptor (BFD) library, which processes a negative Data Directory size with an unbounded loop. This results in an out-of-bounds memory write. The vulnerability can be exploited by a remote attacker to cause a buffer overflow. **Recommendations** For GNU Binutils version 2.30, consider disabling the ` bfd XX bfd copy private bfd data common` function as a temporary workaround until a patch is available. Restrict access to the BFD library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** GNU Binutils version 2.30 **Description** The issue is related to the ignore section sym function in the elf.c file of the Binary File Descriptor (BFD) library, which is part of GNU Binutils. This function does not validate the output section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value. As a result, remote attackers can cause a denial of service, leading to a NULL pointer dereference and application crash, by providing a crafted file. For example, this can be demonstrated using objcopy. **Recommendations** For GNU Binutils version 2.30, consider updating to a newer version that includes a fix for this issue, as the current version allows for a denial of service attack via a crafted file. At the moment, there is no information about a newer version that contains a fix for this vulnerability.