Invalid Read Vulnerability in GNU Binutils 2.28
CVE-2017-7303 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read (of size 4) because of missing a check (in the find_link function) for null headers before attempting to match them. This vulnerability causes Binutils utilities like strip to crash.
Learn more about our Web Application Penetration Testing UK.