The Binary File Descriptor (BFD) library (aka libbfd) has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink.c) does not check the format of the input file before trying to read the ELF reloc section header. The vulnerability leads to a GNU linker (ld) program crash. Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=20908
Created mingw-binutils tracking bugs for this issue: Affects: epel-all [bug 1435309]