CVE-2017-14529

Source
https://cve.org/CVERecord?id=CVE-2017-14529
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14529.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-14529
Downstream
Related
Published
2017-09-18T00:29:00.237Z
Modified
2026-07-08T12:05:23.070684Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The peprintidata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function.

References

Affected packages

Git / sourceware.org/git/binutils-gdb.git

Affected ranges

Type
GIT
Repo
https://sourceware.org/git/binutils-gdb.git
Events
Introduced
dd9a28c0966d13924fbd1096a724ae334954d830
Last affected
dd9a28c0966d13924fbd1096a724ae334954d830
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:gnu:binutils:2.29:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "2.29"
        },
        {
            "last_affected": "2.29"
        }
    ]
}

Affected versions

2.*
2.29
Other
binutils-2_29

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14529.json"