QwikSec

Security Database

CVE

CWE

Training

CVE-2017-16832

Published: Nov 15, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate size and offset values in the data dictionary, which allows remote attackers to cause a denial of service (segmentation violation and application crash) or possibly have unspecified other impact via a crafted PE file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://sourceware.org/bugzilla/show_bug.cgi?id=22373

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%3Bh=0bb6961f18b8e832d88b490d421ca56cea16c45b

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.