Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2017-9754
HistoryJun 19, 2017 - 4:29 a.m.

CVE-2017-9754

2017-06-1904:29:00
Debian Security Bug Tracker
security-tracker.debian.org
6

0.01 Low

EPSS

Percentile

83.6%

The process_otr function in bfd/versados.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, does not validate a certain offset, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during “objdump -D” execution.

0.01 Low

EPSS

Percentile

83.6%