GNU Binutils is prone to a denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition.
GNU Binutils 2.29 is vulnerable; other versions may also be affected.
Information
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References:
- binutils Homepage (binutils)
- binutils: NULL pointer dereference in concat_filename (dwarf2.c) (Agostino Sarubbo)
- Bug 22200 - NULL pointer dereference in concat_filename (dwarf2.c) (sourceware.org)
- PR22200, DWARF5 .debug_line sanity check (sourceware.org)