(https://nvd.nist.gov/vuln/detail/CVE-2018-20651): A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted ET_DYN with no program headers. A specially crafted ELF file allows remote attackers to cause a denial of service, as demonstrated by ld. PR 24041 https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=54025d5812ff100f5f0654eb7e1ffd50f2e37f5f Gentoo Security Padawan (domhnall)
will be in 2.31.1 patchlevel 6
Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself.
All affected versions are gone or masked. @security please proceed.
This issue was resolved and addressed in GLSA 201908-01 at https://security.gentoo.org/glsa/201908-01 by GLSA coordinator Aaron Bauman (b-man).