CVE-2017-6966 — Use After Free in Binutils

CWE-416 — Use After Free8 documents8 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 48.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Binutils

Timeline

PublishedMar 17

Latest updateMay 17

Description

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶Debiangnu/binutils< 2.28-3+3

▶NVDgnu/binutils2.28

🔴Vulnerability Details

GHSA

GHSA-8v4m-gqx8-68xh: readelf in GNU Binutils 2↗2022-05-17

▶

OSV

CVE-2017-6966: readelf in GNU Binutils 2↗2017-03-17

▶

CVEList

CVE-2017-6966: readelf in GNU Binutils 2↗2017-03-17

▶

📋Vendor Advisories

Ubuntu

GNU binutils vulnerabilities↗2021-07-21

▶

Red Hat

binutils: Use-after-free in target_specific_reloc_handling in readelf↗2017-02-13

▶

Debian

CVE-2017-6966: binutils - readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free)...↗2017

▶

💬Community

Bugzilla

CVE-2017-6966 binutils: Use-after-free in target_specific_reloc_handling in readelf↗2017-03-24

▶