Upstream information

CVE-2017-6965 at MITRE

Description

readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.30
Vector AV:N/AC:M/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial

This issue is currently rated as having moderate severity.

SUSE Bugzilla entries: 1029909 [REOPENED], 1030295 [NEW]

No SUSE Security Announcements cross referenced.