First published: Fri Aug 04 2017(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | <=2.29 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.50.20241215-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2017-12455.
The affected software is the Binary File Descriptor (BFD) library, specifically GNU Binutils version 2.29 and earlier.
This vulnerability allows remote attackers to cause an out of bounds heap read.
Yes, there are fixes available for this vulnerability. Ubuntu users can upgrade to version 2.26.1-1ubuntu1~16.04.8+ or later. Debian users can upgrade to version 2.31.1-16, 2.35.2-2, 2.40-2, or 2.41-5.
You can find more information about this vulnerability at the following references: [Bugzilla](https://sourceware.org/bugzilla/show_bug.cgi?id=21840), [Launchpad](https://launchpad.net/bugs/cve/CVE-2017-12455), [CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12455).