The Binary File Descriptor (BFD) library (aka libbfd) is vulnerable to an invalid read (of size 8) because of missing a check (in the copy_special_section_fields function) for an invalid sh_link field before attempting to follow it. This vulnerability causes Binutils utilities like strip to crash. Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=20931
Created mingw-binutils tracking bugs for this issue: Affects: epel-all [bug 1435309]