The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD)
library (aka libbfd), as distributed in GNU Binutils 2.29, do not ensure a
unique PLT entry for a symbol, which allows remote attackers to cause a
denial of service (heap-based buffer overflow and application crash) or
possibly have unspecified other impact via a crafted ELF file, related to
elf32-i386.c and elf64-x86-64.c.
More Information

Updated: 2019-01-14 21:24:10 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)