The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This problem only affects i686. Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=22746 Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=38e64b0ecc7f4ee64a02514b8d532782ac057fa2
Created binutils tracking bugs for this issue: Affects: fedora-all [bug 1539888] Created mingw-binutils tracking bugs for this issue: Affects: epel-all [bug 1539887]