CVE-2017-13710

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29

Description: The issue is related to the setup group function in the elf.c component of the Binary File Descriptor (BFD) library, which is part of GNU Binutils. This function is vulnerable to a denial of service, where remote attackers can cause a NULL pointer dereference and application crash by providing a group section that is too small. The vulnerability is associated with pointer dereference errors.

Recommendations: For GNU Binutils version 2.29, consider disabling the setup group function as a temporary workaround until a patch is available. Restrict access to the elf.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.