Wind River Support Network

HomeDefectsLIN9-6035

Fixed

LIN9-6035 : Security Advisory - binutils - CVE-2017-17080

Created: Dec 14, 2017 Updated: Dec 3, 2018

Resolved Date: Dec 25, 2017

Found In Version: 9.0.0.13

Fix Version: 9.0.0.14

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status.

https://nvd.nist.gov/vuln/detail/CVE-2017-17080

Other Downloads

Wind River Linux 9.0.0.14
Wind River Linux 9.0.0.15
Wind River Linux 9.0.0.16
Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2017-17080