The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash.
| Product | Vendor | Version |
|---|---|---|
| n/a | n/a | < 58143c1ed5882c138a3cd2251a336fc8755f23d9 |