CVE-2017-8393

Published: 01/05/2017 Updated: 03/10/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a .rel/.rela prefix. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy and strip, to crash.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu binutils 2.28

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 228, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHT_REL/SHR_RELA sections are always named starting with a rel/rela prefix This vulnerability causes programs that conduct an anal ...

CWE-125 https://sourceware.org/bugzilla/show_bug.cgi?id=21412 https://security.gentoo.org/glsa/201709-02 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-8393

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-8393

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect