VDB

ALPINE-CVE-2017-7614

ALPINE-CVE-2017-7614 PUBLISHED CVSS 9.800000190734863 CRITICAL

elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has a "member access within null pointer" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program.

Risk Scores

CVSS 3.0
9.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Alpine:v3.8binutils2.22-r1, 2.25-r3, 2.25-r2
Alpine:v3.6binutils2.22-r0, 2.21.1-r0, 2.20.51.0.4-r1
Alpine:v3.18binutils2.23-r0, 2.21.1-r0, 2.22-r0
Alpine:v3.4binutils2.20.51.0.12-r0, 0, 0
Alpine:v3.24binutils0
Alpine:v3.23binutils0, 0, 2.28-r0
Alpine:v3.12binutils2.21-r0, 0, 2.28-r0
Alpine:v3.14binutils2.20.51.0.4-r1, 2.21-r0, 2.21.1-r0
Alpine:v3.7binutils2.24-r5, 0, 2.28-r0
Alpine:v3.19binutils2.21-r0, 2.25-r0, 2.25-r1
Alpine:v3.22binutils2.21-r0, 0, 2.20.51.0.12-r0
Alpine:v3.13binutils2.21.1-r0, 0, 2.28-r0
Alpine:v3.9binutils0, 2.20.51.0.12-r0, 2.20.51.0.4-r1
Alpine:v3.10binutils2.23.2-r0, 2.20.51.0.12-r0, 2.20.51.0.4-r1
Alpine:v3.16binutils2.20.51.0.4-r1, 0, 2.25-r3
Alpine:v3.11binutils2.25.1-r0, 2.24-r3, 2.25.1-r0
Alpine:v3.17binutils0, 2.20.51.0.12-r0, 2.21-r0
Alpine:v3.5binutils2.20.51.0.4-r1, 0, 2.23.2-r0
Alpine:v3.20binutils2.25.1-r0, 2.26-r0, 2.26.1-r0
Alpine:v3.21binutils2.20.51.0.12-r0, 0, 0

…and 1 more

Timeline

  • Apr 9, 2017 CVE Published
  • Apr 30, 2026 Distribution Patch
  • Jun 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›