ID CVE-2017-15022
Summary dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not validate the DW_AT_name data type, which allows remote attackers to cause a denial of service (bfd_hash_hash NULL pointer dereference, or out-of-bounds access, and application crash) via a crafted ELF file, related to scan_unit_for_symbols and parse_comp_unit.
References
Vulnerable Configurations
  • GNU Binutils 2.29
    cpe:2.3:a:gnu:binutils:2.29
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-476
CAPEC
nessus via4
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0104.NASL
    description An update of 'binutils' packages of Photon OS has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 111916
    published 2018-08-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111916
    title Photon OS 1.0: Binutils PHSA-2018-1.0-0104 (deprecated)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0104_BINUTILS.NASL
    description An update of the binutils package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121805
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121805
    title Photon OS 1.0: Binutils PHSA-2018-1.0-0104
refmap via4
misc
Last major update 04-10-2017 - 21:29
Published 04-10-2017 - 21:29
Last modified 11-10-2017 - 13:37
Back to Top