SecuritySpace - CVE-2017-17080

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2017-17080

Description: elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2017-17080
https://security.gentoo.org/glsa/201811-17
https://sourceware.org/bugzilla/show_bug.cgi?id=22421

CVE ID:	CVE-2017-17080
Description:	elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of service (bfd_getl32 heap-based buffer over-read and application crash) via a crafted object file, related to elfcore_grok_netbsd_procinfo, elfcore_grok_openbsd_procinfo, and elfcore_grok_nto_status.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2017-17080 https://security.gentoo.org/glsa/201811-17 https://sourceware.org/bugzilla/show_bug.cgi?id=22421