ByteOS Network

NVD Vulnerability Details :

CVE-2017-7302

Deferred

Source-cve@mitre.org

Published At-29 Mar, 2017 | 15:59

Updated At-20 Apr, 2025 | 01:37

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a swap_std_reloc_out function in bfd/aoutx.h that is vulnerable to an invalid read (of size 4) because of missing checks for relocs that could not be recognised. This vulnerability causes Binutils utilities like strip to crash.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.0	7.5	HIGH	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary	2.0	5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:N/A:P

CPE Matches

GNU

>>binutils>>2.28

cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-125	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://www.securityfocus.com/bid/97216	cve@mitre.org	Patch VDB Entry
https://sourceware.org/bugzilla/show_bug.cgi?id=20921	cve@mitre.org	Issue Tracking Patch
http://www.securityfocus.com/bid/97216	af854a3a-2127-422b-91ae-364da2661108	Patch VDB Entry
https://sourceware.org/bugzilla/show_bug.cgi?id=20921	af854a3a-2127-422b-91ae-364da2661108	Issue Tracking Patch

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History