CVE-2017-17124

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-17124

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-17124.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-17124

Related

Published

2017-12-04T08:29:00Z

Modified

2024-09-03T01:55:27.063126Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The bfdcoffreadstring_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.

References

Affected packages

Debian:11 / binutils

Package

Name: binutils
Purl: pkg:deb/debian/binutils?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.29.90.20180122-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / binutils

Package

Name: binutils
Purl: pkg:deb/debian/binutils?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.29.90.20180122-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / binutils

Package

Name: binutils
Purl: pkg:deb/debian/binutils?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.29.90.20180122-1

Ecosystem specific

{
    "urgency": "low"
}

Git / sourceware.org/git/binutils-gdb.git

Affected ranges

Type: GIT
Repo: https://sourceware.org/git/binutils-gdb.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

90276f15379d380761fc499da2ba24cfb3c12a94

Affected versions

Other

binu_ss_19990502

binutils-2_29

binutils-2_29_1

gdb-4_18-branchpoint

gdb_5_2-branchpoint

gdb_5_3-branchpoint

gdb_6_0-branchpoint

gdb_6_1-branchpoint

gdb_6_2-branchpoint

gdb_6_3-branchpoint

gdb_6_4-branchpoint

gdb_6_5-branchpoint

gdb_6_6-branchpoint

gdb_6_7-branchpoint

gdb_6_8-branchpoint

gdb_7_0-branchpoint

gdb_7_1-branchpoint

gdb_7_2-branchpoint

gdb_7_3-branchpoint

gdb_7_4-branchpoint

gdb_7_5-branchpoint

gdb_7_6-branchpoint

readline_4_0

users/ARM/embedded-binutils-master-2016q4

gdb-7.*

gdb-7.10-branchpoint

gdb-7.11-branchpoint

gdb-7.12-branchpoint

gdb-7.7-branchpoint

gdb-7.8-branchpoint

gdb-7.9-branchpoint

gdb-8.*

gdb-8.0-branchpoint