Wind River Support Network

HomeDefectsLIN8-6957

Fixed

LIN8-6957 : Security Advisory - binutils - CVE-2017-9955

Created: Jun 29, 2017 Updated: Dec 3, 2018

Resolved Date: Oct 22, 2017

Found In Version: 8.0.0.18

Fix Version: 8.0.0.23

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program.

https://nvd.nist.gov/vuln/detail/CVE-2017-9955

Other Downloads

Wind River Linux 8.0.0.23
Wind River Linux 8.0.0.24
Wind River Linux 8.0.0.25
Wind River Linux 8.0.0.26
Wind River Linux 8.0.0.27
Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2017-9955