Invalid Read Vulnerability in GNU Binutils 2.28

Invalid Read Vulnerability in GNU Binutils 2.28

CVE-2017-7303 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash.

Learn more about our Web Application Penetration Testing UK.