DEBIAN-CVE-2017-6966

DEBIAN-CVE-2017-6966 PUBLISHED CVSS 5.5 MEDIUM

readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. This is caused by mishandling of an invalid symbol index, and mishandling of state across invocations.

Risk Scores

CVSS 3.0

5.5

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:11	binutils	0, 0, 0
Debian:12	binutils	0, 0, 0
Debian:13	binutils	0, 0, 0
Debian:14	binutils	0, 0, 0

Timeline

Mar 17, 2017 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2017-6966 advisory

Open in Interactive Console →