CVE-2017-12967

Published: 8/19/2017 Last updated: 8/5/2024 Reserved: 8/19/2017

The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (3)

bap-std clangml conf-binutils

Products affected (1)

Product	Vendor	Version
n/a	n/a	2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier versions

References (6)

https://sourceware.org/bugzilla/show_bug.cgi?id=21962
http://www.securityfocus.com/bid/100462
https://security.gentoo.org/glsa/201801-01
https://sourceware.org/bugzilla/show_bug.cgi?id=21962
http://www.securityfocus.com/bid/100462
https://security.gentoo.org/glsa/201801-01