1
Candidate: CVE-2017-14333
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14333
5
https://sourceware.org/bugzilla/show_bug.cgi?id=21990
7
The process_version_sections function in readelf.c in GNU Binutils 2.29
8
allows attackers to cause a denial of service (Integer Overflow, and hang
9
because of a time-consuming loop) or possibly have unspecified other impact
10
via a crafted binary file with invalid values of ent.vn_next, during
11
"readelf -a" execution.
14
leosilva> code in precise and trusty are quite different, needs backport
21
patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=452bf675ea772002aa86fb1d28f3474da70ee1de
22
upstream_binutils: needs-triage
23
precise/esm_binutils: needed
24
trusty_binutils: needed
25
vivid/ubuntu-core_binutils: DNE
26
xenial_binutils: needed
27
zesty_binutils: needed
28
devel_binutils: needed