CVE-2017-17124
Summary
| CVE | CVE-2017-17124 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-12-04 08:29:00 UTC |
| Updated | 2023-11-07 02:41:00 UTC |
| Description | The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Binutils: Multiple vulnerabilities (GLSA 201811-17) — Gentoo security | GENTOO | security.gentoo.org | |
| sourceware.org Git - binutils-gdb.git/commit | sourceware.org | ||
| 22507 – Heap buffer overflow on _bfd_coff_read_string_table | MISC | sourceware.org | Exploit, Issue Tracking |
| sourceware.org Git - binutils-gdb.git/commit | MISC | sourceware.org | Patch |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 710297 Gentoo Linux Binutils Multiple Vulnerabilities (GLSA 201811-17)