Published: 18/05/2017 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

GNU Binutils 2017-04-03 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu binutils 2.28

Debian Bug report logs - #863674 CVE-2017-9038 to CVE-2017-9043 Package: binutils; Maintainer for binutils is Matthias Klose <doko@debianorg>; Source for binutils is src:binutils (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Mon, 29 May 2017 21:21:04 UTC Severity: important Tags: fixe ...

GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelfc, via a crafted ELF file that triggers a large memory-allocation attempt ...

GNU Binutils 2017-04-03 allows attackers to cause a denial of service (NULL pointer dereference and application crash), related to the process_mips_specific function in readelfc, via a crafted ELF file that triggers a large memory-allocation attempt ...

CWE-476 https://blogs.gentoo.org/ago/2017/05/12/binutils-multiple-crashes/http://www.securityfocus.com/bid/98579 https://security.gentoo.org/glsa/201709-02 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674 https://nvd.nist.gov https://security.archlinux.org/CVE-2017-9040

CVE-2017-9040

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect