Description
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to a heap-based buffer over-read of size 4049 because it uses the strlen function instead of strnlen, leading to program crashes in several utilities such as addr2line, size, and strings. It could lead to information disclosure as well.
References (1)
Core 1
Core References
Issue Tracking, Patch x_refsource_confirm
https://sourceware.org/bugzilla/show_bug.cgi?id=20905
Scores
CVSS v3
9.1
EPSS
0.0038
EPSS Percentile
59.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (1)
gnu/binutils
2.28
Published
Mar 22, 2017
Tracked Since
Feb 18, 2026