Heap buffer overflow vulnerability in binutils readelf prior to 2.40 via function display_debug_section in file readelf.c.
gnu binutils