CVE-2017-14333

Priority
Description
The process_version_sections function in readelf.c in GNU Binutils 2.29
allows attackers to cause a denial of service (Integer Overflow, and hang
because of a time-consuming loop) or possibly have unspecified other impact
via a crafted binary file with invalid values of ent.vn_next, during
"readelf -a" execution.
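
As an added illustration (not code from Binutils or from its fix), the sketch below walks a chain of version-need entries and rejects the kind of invalid `vn_next` values the description mentions. The field layout follows `Elf32_Verneed`/`Elf64_Verneed` in `<elf.h>`; the names `walk_verneed` and `walk_sample`, the error codes, and the sample data are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Version-need entry; same layout for Elf32_Verneed and Elf64_Verneed. */
typedef struct {
    uint16_t vn_version, vn_cnt;
    uint32_t vn_file, vn_aux;
    uint32_t vn_next;          /* byte offset to the next entry; 0 ends the chain */
} verneed_t;

enum { WALK_TRUNCATED = -1, WALK_BAD_NEXT = -2 };

/* Visit at most `count` entries (the section's sh_info) inside sec[0..size).
   Returns the number of entries visited, or a negative error code. */
int walk_verneed(const unsigned char *sec, size_t size, unsigned count)
{
    size_t off = 0;
    unsigned n;
    for (n = 0; n < count; n++) {
        verneed_t ent;
        if (size < sizeof ent || off > size - sizeof ent)
            return WALK_TRUNCATED;
        memcpy(&ent, sec + off, sizeof ent);   /* host byte order assumed */
        if (ent.vn_next == 0)
            return (int)(n + 1);
        /* Compare with the space left instead of computing off + vn_next, so a
           huge value cannot wrap; also require forward progress of one whole
           entry (a strictness choice made for this example). */
        if (ent.vn_next < sizeof ent || ent.vn_next > size - off)
            return WALK_BAD_NEXT;
        off += ent.vn_next;
    }
    return (int)n;
}

/* Constructed sample: three 16-byte entries, the second one carrying the
   caller-supplied vn_next, walked with a deliberately large entry count. */
int walk_sample(uint32_t second_next)
{
    verneed_t e[3] = { {1, 0, 0, 0, 16}, {1, 0, 0, 0, second_next}, {1, 0, 0, 0, 0} };
    return walk_verneed((const unsigned char *)e, sizeof e, 1000000u);
}

int main(void)
{
    printf("%d %d %d\n", walk_sample(16), walk_sample(0xfffffff0u), walk_sample(4));
    return 0;
}
```

Whatever entry count the file claims, the walk ends after at most `size / sizeof(verneed_t)` iterations, because every accepted step moves forward by at least one entry and stays inside the section.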
Notes
 leosilva> code in precise and trusty are quite different, needs backport
 sbeattie> for 2.29 branch, 64aa1246572306b72dc479b46d13ff749b0c3236 is
  an omnibus patch set
More Information

Updated: 2019-01-14 21:23:59 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)