CVE-2017-14333

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29

Description: The issue is related to an integer overflow in the process version sections function, which can cause a denial of service, leading to a hang due to a time-consuming loop. This can be triggered by a crafted binary file with invalid values of ent.vn next when executing "readelf -a". The vulnerability may also have unspecified other impacts.

Recommendations: For GNU Binutils version 2.29, consider avoiding the use of the process version sections function until a patch is available. As a temporary workaround, restrict the execution of "readelf -a" with untrusted binary files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.