PT-2017-4316 · Gnu+2 · Gnu Binutils+2
Published: 2017-11-02 · Updated: 2024-06-15
CVE-2017-16831
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
GNU Binutils version 2.29.1
Description:
The issue is in the coffgen.c component of the Binary File Descriptor (BFD) library, which does not validate the symbol count. A crafted PE file can therefore trigger an integer overflow and application crash, or an excessive memory allocation, allowing remote attackers to cause a denial of service. The vulnerability may also allow attackers to access confidential data, compromise its integrity, and disrupt service.
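The missing check can be illustrated with a short added example; it is not BFD's code or the upstream fix. The function names and sample header values are hypothetical. The only format fact assumed is that one on-disk COFF symbol table entry is 18 bytes and that the symbol count and table offset are 32-bit header fields.

```c
#include <stdint.h>
#include <stdio.h>

#define COFF_SYMESZ 18u  /* bytes per on-disk COFF symbol table entry */

/* Unchecked pattern: the size is computed in 32 bits, so a large count taken
   from the file header wraps around to a small, misleading value. */
static uint32_t symtab_size_unchecked(uint32_t nsyms)
{
    return (uint32_t)(nsyms * COFF_SYMESZ);
}

/* Checked pattern (hypothetical helper): returns 0 and stores the table size
   in *out only if the whole table fits inside the file; -1 otherwise. */
static int symtab_size_checked(uint32_t nsyms, uint32_t symtab_off,
                               uint64_t file_size, uint64_t *out)
{
    uint64_t need = (uint64_t)nsyms * COFF_SYMESZ;  /* cannot wrap in 64 bits */

    if (symtab_off > file_size)
        return -1;                   /* table offset lies past end of file */
    if (need > file_size - symtab_off)
        return -1;                   /* count claims more data than exists */
    *out = need;
    return 0;
}

int main(void)
{
    /* Constructed values: a 4096-byte file whose header claims ~238M symbols. */
    uint32_t nsyms = 238609295u, off = 1024u;
    uint64_t file_size = 4096u, size = 0;

    printf("unchecked size: %u bytes\n", (unsigned)symtab_size_unchecked(nsyms));
    if (symtab_size_checked(nsyms, off, file_size, &size) != 0)
        printf("rejected: symbol count %u does not fit in a %llu-byte file\n",
               (unsigned)nsyms, (unsigned long long)file_size);
    return 0;
}
```

Bounding the count by the bytes actually present in the file addresses both outcomes named in the description: the wrapped size computation and the oversized allocation.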
Recommendations:
GNU Binutils version 2.29.1 does not validate the symbol count in the coffgen.c component, which leads to potential security risks; consider updating to a newer version that addresses the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
DoS
Integer Overflow
Weakness Enumeration
Related Identifiers
Affected Products
Gnu Binutils
Suse
Ubuntu