CVE-2017-6969: binutils: Heap-based buffer over-read in readelf when processing corrupt RL78 binaries

Severity: Critical

CVSS Score: 9.1

readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. The vulnerability can trigger program crashes. It may lead to an information leak as well.