Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=29799
Created binutils tracking bugs for this issue: Affects: fedora-all [bug 2234014] Created gdb tracking bugs for this issue: Affects: fedora-all [bug 2234015] Created mingw-binutils tracking bugs for this issue: Affects: fedora-all [bug 2234016]
(In reply to Guilherme de Almeida Suckevicz from comment #0) > Heap buffer overflow vulnerability in binutils readelf before 2.40 via > function display_debug_section in file readelf.c. The SECURITY.txt file found in the upstream GNU Binutils sources makes it clear that bug in inspection tools like readelf are not considered to be security issues, and hence do not qualify for CVE treatment.