Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-17122

Опубликовано: 04 дек. 2017
Источник: debian
EPSS Низкий

Описание

The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
binutilsfixed2.29.51.20171208-1experimentalpackage
binutilsfixed2.29.90.20180122-1package
binutilsignoredstretchpackage
binutilsignoredjessiepackage
binutilsignoredwheezypackage

Примечания

  • https://sourceware.org/bugzilla/show_bug.cgi?id=22508

  • https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d785b7d4b877ed465d04072e17ca19d0f47d840f

EPSS

Процентиль: 44%
0.00218
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2017-17122

CVSS3: 7.8
ubuntu
около 8 лет назад

The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.

redhat логотип

CVE-2017-17122

CVSS3: 3.3
redhat
около 8 лет назад

The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.

nvd логотип

CVE-2017-17122

CVSS3: 7.8
nvd
около 8 лет назад

The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.

github логотип

GHSA-h2pc-rjq9-6889

CVSS3: 7.8
github
больше 3 лет назад

The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service (excessive memory allocation, or heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PE file.

fstec логотип

BDU:2023-07775

CVSS3: 8.8
fstec
около 8 лет назад

Уязвимость функции dump_relocs_in_section компонента objdump.c программного средства разработки GNU Binutils, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

EPSS

Процентиль: 44%
0.00218
Низкий