ID CVE-2017-7209
Summary The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.
References
Vulnerable Configurations
  • cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*
    cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 09-01-2018 - 02:29)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 96994
confirm https://sourceware.org/bugzilla/show_bug.cgi?id=21135
gentoo GLSA-201801-01
Last major update 09-01-2018 - 02:29
Published 21-03-2017 - 06:59
Last modified 09-01-2018 - 02:29
Back to Top