GNU Binutils 2.28 allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file with many program headers, related to the get_program_headers function in readelf.c.
GNU Binutils 2.28 permite que atacantes remotos provoquen una denegación de servicio (consumo de memoria) mediante un archivo ELF manipulado con múltiples cabeceras de programa. Esto está relacionado con la función get_program_headers en readelf.c.
USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.