The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.
References
Configurations
History
21 Nov 2024, 03:17
Type | Values Removed | Values Added |
---|---|---|
References | () https://security.gentoo.org/glsa/201811-17 - | |
References | () https://sourceware.org/bugzilla/show_bug.cgi?id=22507 - Exploit, Issue Tracking | |
References | () https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c - |
07 Nov 2023, 02:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-12-04 08:29
Updated : 2024-11-21 03:17
NVD link : CVE-2017-17124
Mitre link : CVE-2017-17124
CVE.ORG link : CVE-2017-17124
JSON object : View
Products Affected
gnu
- binutils
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer