CVE-2017-9044

Source
Severity Medium
Remote No
Type Denial of service
Description
The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file.
Group Package Affected Fixed Severity Status Ticket
AVG-276 binutils 2.28.0-4 2.29.0-1 High Fixed
References
https://blogs.gentoo.org/ago/2017/05/12/binutils-multiple-crashes/
Notes
Reproducer: https://github.com/asarubbo/poc/blob/master/00273-binutils-NULLptr-print_symbol_for_build_attribute
Unable to reproduce, fixed in atleast 2.30