PT-2017-18317 · Gnu+2 · Gnu Binutils+2

Manh-Dung Nguyen

Published

2017-05-01

Updated

2024-06-15

CVE-2017-8396

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions GNU Binutils version 2.28

Description The Binary File Descriptor library is susceptible to an invalid read due to inadequate reloc offset range tests, which failed to account for small negative offsets. This issue can cause programs utilizing the library, such as objdump, to crash when analyzing binary programs.

Recommendations For GNU Binutils version 2.28, update to a version that includes the fix for the invalid read issue in the Binary File Descriptor library.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-8396

MGASA-2019-0169

OPENSUSE-SU-2018_3223-1

OPENSUSE-SU-2024:10651-1

SUSE-SU-2017:3170-1

SUSE-SU-2018:3207-1

SUSE-SU-2018:3207-2

USN-4336-2

Affected Products

Gnu Binutils

Suse

Ubuntu

PT-2017-18317 · Gnu+2 · Gnu Binutils+2

CVE-2017-8396

Weakness Enumeration

Related Identifiers

Affected Products

References · 773