Wind River Support Network

HomeDefectsLIN8-6686
Fixed

LIN8-6686 : Security Advisory - binutils - CVE-2017-8396

Created: May 14, 2017    Updated: Dec 3, 2018
Resolved Date: Oct 22, 2017
Found In Version: 8.0.0.17
Fix Version: 8.0.0.23
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 1 because the existing reloc offset range tests didn't catch small negative offsets less than the size of the reloc field. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objdump, to crash.

https://nvd.nist.gov/vuln/detail/CVE-2017-8396

Other Downloads


CVEs


Live chat
Online