First published: Thu Oct 05 2017(Updated: )
find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Binutils | =2.29 | |
debian/binutils | 2.35.2-2 2.40-2 2.43.1-5 |
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=52a93b95ec0771c97e26f0bb28630a271a667bd2
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2017-15024.
The title of this vulnerability is 'find_abstract_instance_name in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd) as ...'
The affected software is the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.29.
This vulnerability allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.
To fix this vulnerability, you should apply the recommended security updates for the affected software.