_bfd_dwarf2_cleanup_debug_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (memory leak) via a crafted ELF file.
Patch added to gentoo/binutils-2.29.1 branch
Fixed in 2.29.1-r1
All affected versions are masked. No further cleanup (toolchain package).
Nothing to do for toolchain here anymore. Please proceed.
Added to existing GLSA request.
Gentoo Security Padawan
This issue was resolved and addressed in
GLSA 201801-01 at https://security.gentoo.org/glsa/201801-01
by GLSA coordinator Aaron Bauman (b-man).