Denial of Service Vulnerability in GNU Binutils from the BFD Library
CVE-2017-15225

5.5MEDIUM

Key Information:

Vendor

Gnu
Status
Binutils
Vendor
CVE Published:
3 October 2022

What is CVE-2017-15225?

A vulnerability exists in the Binary File Descriptor (BFD) library, specifically in the _bfd_dwarf2_cleanup_debug_info function within dwarf2.c, as included in GNU Binutils version 2.29. This flaw allows remote attackers to exploit a crafted ELF (Executable and Linkable Format) file, resulting in a denial of service through a memory leak. This issue can compromise system stability and requires immediate attention due to potential remote exploitation risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git%...
x_refsource_CONFIRM
https://sourceware.org/bugzilla/show_bug.cgi?id=22212
x_refsource_CONFIRM

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.