VYPR
High severity7.5NVD Advisory· Published Mar 29, 2017· Updated Jun 17, 2026

CVE-2017-7300

CVE-2017-7300

Description

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (off-by-one) because of an incomplete check for invalid string offsets while loading symbols, leading to a GNU linker (ld) program crash.

Affected products

22

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.