CVE-2017-12967
published 2017-08-19CVE-2017-12967: The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause…
medium6.5CVSS 3.0
AVNACLPRNUIRSUCNINAH
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | binutils | < binutils 2.29-5 (bookworm) | binutils 2.29-5 (bookworm) |
| gnu | binutils | — | — |
| gnu | binutils | >= 0 < 2.29-5 | 2.29-5 |
| gnu | binutils | >= 0 < 2.29-5 | 2.29-5 |
| gnu | binutils | >= 0 < 2.29-5 | 2.29-5 |
| gnu | binutils | >= 0 < 2.29-5 | 2.29-5 |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
osv6.5MEDIUM