Medium severity5.5NVD Advisory· Published Oct 5, 2017· Updated Jun 17, 2026
CVE-2017-15023
CVE-2017-15023
Description
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
4- blogs.gentoo.org/ago/2017/10/03/binutils-null-pointer-dereference-in-concat_filename-dwarf2-c/nvdPatchThird Party AdvisoryVDB Entry
- sourceware.org/bugzilla/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- www.securityfocus.com/bid/101611nvd
- security.gentoo.org/glsa/201801-01nvd
News mentions
0No linked articles in our index yet.