CVE-2017-6966

Published: 17/03/2017 Updated: 19/09/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 384
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Vulnerability Summary

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

Vulnerable Product

gnu binutils 2.28

Vendor Advisories

Debian Bug report logs - #858324 binutils: CVE-2017-7210 Package: src:binutils; Maintainer for src:binutils is Matthias Klose <doko@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 21 Mar 2017 09:57:05 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in versi ...
Debian Bug report logs - #858263 binutils: CVE-2017-6966 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debian.org>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Mon, 20 Mar 2017 13:03:01 UTC Severity: important Tags: fixed-upstr ...
Debian Bug report logs - #858264 binutils: CVE-2017-6965 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debian.org>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Mon, 20 Mar 2017 13:03:01 UTC Severity: important Tags: fixed-upstr ...
Debian Bug report logs - #858323 binutils: CVE-2017-7209 Package: src:binutils; Maintainer for src:binutils is Matthias Klose <doko@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Tue, 21 Mar 2017 09:57:02 UTC Severity: important Tags: fixed-upstream, patch, security, upstream Found in versi ...
Debian Bug report logs - #858256 binutils: CVE-2017-6969 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debian.org>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debian.org> Date: Mon, 20 Mar 2017 13:03:01 UTC Severity: important Tags: fixed-upstr ...
A vulnerability was found in readelf, part of binutils. A crafted executable or shared library could cause use-after-free and out-of-bounds writes, leading to a crash or possible code execution ...
readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations. A crafted executable or shared library could lead to a crash or possible code execution ...