Vulnerability Details CVE-2017-8394
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 4 due to NULL pointer dereferencing of _bfd_elf_large_com_section. This vulnerability causes programs that conduct an analysis of binary programs using the libbfd library, such as objcopy, to crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.7%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References