First published: Mon Jun 19 2017(Updated: )
The print_insn_score32 function in opcodes/score7-dis.c:552 in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ubuntu/binutils | =2.28 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-9743 has a medium severity rating due to its potential to cause denial of service via a buffer overflow.
To fix CVE-2017-9743, upgrade GNU Binutils to version 2.29 or later where this vulnerability is patched.
CVE-2017-9743 specifically affects GNU Binutils version 2.28.
CVE-2017-9743 enables remote attackers to launch denial of service attacks by exploiting a buffer overflow in a crafted binary file.
CVE-2017-9743 can be exploited when a user processes a malformed binary file using functions from the GNU Binutils.