PT-2017-18664 · Gnu+2 · Gnu Binutils+2
Published
2017-05-18
·
Updated
2021-07-21
·
CVE-2017-9041
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
GNU Binutils version 2.28
Description
The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer over-read and application crash, by providing a crafted ELF file. This is related to the mishandling of MIPS GOT in the
process mips specific function in readelf.c.Recommendations
For GNU Binutils version 2.28, consider updating to a newer version that addresses this issue, as the current version is affected by the denial of service vulnerability related to the
process mips specific function in readelf.c.Fix
DoS
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Gnu Binutils
Suse
Ubuntu