The elf_read_notes function in bfd/elf.c in GNU Binutils 2.29 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file.
The master branch has been updated by Nick Clifton <email@example.com>:
Author: Nick Clifton <firstname.lastname@example.org>
Date: Thu Aug 10 09:37:36 2017 +0100
Fix out of bounds memory access when trying to allocate space for a note of size -1.
@maintainer(s), please test and follow procedure to stabilize and/or close on report...thank you.
Gentoo Security Scout
All affected versions are masked. No further cleanup (toolchain package).
Nothing to do for toolchain here anymore. Please proceed.
Added to existing GLSA request.
Gentoo Security Padawan
This issue was resolved and addressed in
GLSA 201801-01 at https://security.gentoo.org/glsa/201801-01
by GLSA coordinator Aaron Bauman (b-man).