Lucene search

K
osvGoogleOSV:CVE-2017-8395
HistoryMay 01, 2017 - 6:59 p.m.

CVE-2017-8395

2017-05-0118:59:00
Google
osv.dev
6

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

41.2%

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid write of size 8 because of missing a malloc() return-value check to see if memory had actually been allocated in the _bfd_generic_get_section_contents function. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.

AI Score

6.5

Confidence

Low

EPSS

0.001

Percentile

41.2%