CVE-2017-15020

dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles pointers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted ELF file, related to parse_die and parse_line_table, as demonstrated by a parse_die heap-based buffer over-read.

Published: 2017-10-05 01:29
Updated: 2019-10-03 00:03

CVSS Score: 6.8 / 10
Vendor | Product | Version | URI
Gnu | Binutils | 2.29 | cpe:/a:gnu:binutils:2.29

CWE

ID | Name | Description
CWE-125 | Out-of-bounds Read | The software reads data past the end, or before the beginning, of the intended buffer.

History of changes

Date Event
2019-10-03 00:03
2017-10-11 18:31
2017-10-05 01:29 New CVE