Wind River Support Network

HomeDefectsLIN9-5377

Fixed

LIN9-5377 : Security Advisory - binutils - CVE-2017-14333

Created: Sep 14, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 25, 2017

Found In Version: 9.0.0.10

Fix Version: 9.0.0.14

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

The process_version_sections function in readelf.c in GNU Binutils 2.29 allows attackers to cause a denial of service (Integer Overflow, and hang because of a time-consuming loop) or possibly have unspecified other impact via a crafted binary file with invalid values of ent.vn_next, during readelf -a execution.

https://nvd.nist.gov/vuln/detail/CVE-2017-14333

Other Downloads

Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-14333