CVE-2017-15939

2017-10-27T21:29:00
ID CVE-2017-15939
Type cve
Reporter cve@mitre.org
Modified 2018-01-09T02:29:00

Description

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles NULL files in a .debug_line file table, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename. NOTE: this issue is caused by an incomplete fix for CVE-2017-15023.