Use-after-free vulnerability in readelf in GNU Binutils 2.28

Use-after-free vulnerability in readelf in GNU Binutils 2.28

CVE-2017-6966 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

Learn more about our Web Application Penetration Testing UK.