Published: 27/10/2017 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote malicious users to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash).

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu binutils 2.29

dwarf2c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 229, miscalculates DW_FORM_ref_addr die refs in the case of a relocatable object file, which allows remote attackers to cause a denial of service (find_abstract_instance_name invalid memory read, segmentation fault, and application crash) ...

CWE-119 https://sourceware.org/bugzilla/show_bug.cgi?id=22209 https://blogs.gentoo.org/ago/2017/10/24/binutils-invalid-memory-read-in-find_abstract_instance_name-dwarf2-c/http://www.securityfocus.com/bid/101610 https://security.gentoo.org/glsa/201801-01 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=1b86808a86077722ee4f42ff97f836b12420bb2a https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-15938

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-15938

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect