GNU Binutils CVE-2017-15939 Incomplete Fix Remote Denial of Service Vulnerability



GNU Binutils is prone to a denial-of-service vulnerability.

Note: This issue is the result of an incomplete fix for the issue described in BID 101611 (GNU Binutils CVE-2017-15023 Remote Denial of Service Vulnerability).
An attacker can exploit this issue to cause a denial-of-service condition.

GNU Binutils 2.29 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 101613
Class: Input Validation Error
CVE: CVE-2017-15939

Remote: Yes
Local: No
Published: Oct 24 2017 12:00AM
Updated: Nov 03 2017 12:05AM
Credit: Agostino Sarubbo of Gentoo.
Vulnerable: GNU Binutils 2.29


Not Vulnerable:

Exploit


The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.


Related Posts