CVE-2017-9044 log
| Source |
|
| Severity | Medium |
| Remote | No |
| Type | Denial of service |
| Description | The print_symbol_for_build_attribute function in readelf.c in GNU Binutils 2017-04-12 allows attackers to cause a denial of service (invalid read and SEGV) via a crafted ELF file. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-276 | binutils | 2.28.0-4 | 2.29.0-1 | High | Fixed |
| References |
|---|
https://blogs.gentoo.org/ago/2017/05/12/binutils-multiple-crashes/ |
| Notes |
|---|
Reproducer: https://github.com/asarubbo/poc/blob/master/00273-binutils-NULLptr-print_symbol_for_build_attribute Unable to reproduce, fixed in atleast 2.30 |