A NULL pointer dereference was found in elf_link_add_object_symbols function of binutils. A crafted filed could cause the application to crash.
Created binutils tracking bugs for this issue:
Affects: fedora-all [bug 1664713]
Created mingw-binutils tracking bugs for this issue:
Affects: epel-all [bug 1664715]
Affects: fedora-all [bug 1664714]
> A NULL pointer dereference was found in elf_link_add_object_symbols function of binutils
Function elf_link_add_object_symbols() in binutils does not properly check ELF files with no program headers, resulting in an invalid memory dereference. The issue can only be used to make the application crash, as the wrong address fall in the part occupied by the kernel and inaccessible by user application.
The flaws was introduced in:
As such, it does not affect RHEL 5, 6 and 7.
This issue did not affect the versions of binutils as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they did not include the vulnerable code, which was introduced in a newer version of the package.