nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.
nm.c y objdump.c en GNU Binutils 2.29.1 gestionan de manera incorrecta ciertos símbolos globales, lo que permite que atacantes remotos provoquen una denegación de servicio (sobrelectura del búfer _bfd_elf_get_symbol_version_string y cierre inesperado de la aplicación) o, probablemente, causen otro impacto sin especificar mediante un archivo ELF modificado.
USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
