GNU Binutils is prone to a heap-based buffer-overflow vulnerability.
Attackers can exploit this issue to cause denial-of-service condition, denying service to legitimate users. Given the nature of this issue, attackers may also be able to execute arbitrary code, but this has not been confirmed.
GNU Binutils version 2.31.1 is vulnerable.
Information
Exploit
The researcher who discovered this issue has created a proof-of-concepts. Please see the references for more information.
References:
- GCC Home Page (GNU)
- GCC Bugzilla â?? Bug 88629 (Gnu)
- Sourceware Bugzilla â?? Bug 24043 (Sourceware)