Wind River Support Network

HomeDefectsLIN9-5535

Fixed

LIN9-5535 : Security Advisory - binutils - CVE-2017-14939

Created: Oct 16, 2017 Updated: Dec 3, 2018

Resolved Date: Nov 13, 2017

Found In Version: 9.0.0.11

Fix Version: 9.0.0.12

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte.

https://nvd.nist.gov/vuln/detail/CVE-2017-14939

Other Downloads

Wind River Linux 9.0.0.12
Wind River Linux 9.0.0.13
Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-14939