CVE-2017-17124

The _bfd_coff_read_string_table function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not properly validate the size of the external string table, which allows remote attackers to cause a denial of service (excessive memory consumption, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted COFF binary.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:binutils:2.29.1:*:*:*:*:*:*:*

History

21 Nov 2024, 03:17

Type Values Removed Values Added
References () https://security.gentoo.org/glsa/201811-17 - () https://security.gentoo.org/glsa/201811-17 -
References () https://sourceware.org/bugzilla/show_bug.cgi?id=22507 - Exploit, Issue Tracking () https://sourceware.org/bugzilla/show_bug.cgi?id=22507 - Exploit, Issue Tracking
References () https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c - () https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c -

07 Nov 2023, 02:41

Type Values Removed Values Added
References
  • {'url': 'https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b0029dce6867de1a2828293177b0e030d2f0f03c', 'name': 'https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b0029dce6867de1a2828293177b0e030d2f0f03c', 'tags': ['Patch'], 'refsource': 'MISC'}
  • () https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=b0029dce6867de1a2828293177b0e030d2f0f03c -

Information

Published : 2017-12-04 08:29

Updated : 2024-11-21 03:17


NVD link : CVE-2017-17124

Mitre link : CVE-2017-17124

CVE.ORG link : CVE-2017-17124


JSON object : View

Products Affected

gnu

  • binutils
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer