The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor library , as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted ELF file.