Hopper disassembler


During the parsing of ELF section headers, a user-controlled size is not validated. A malicious threat actor could craft an ELF file with specific section headers to trigger this vulnerability, potentially leading to remote code execution. Hopper is a reverse engineering tool for macOS and Linux that allows the user to disassemble and decompile 32/64-bit Intel-based Mac, Linux, Windows and iOS executables. Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222/CVE-2016-8390).

Vulnerability discovered by Tyler Bohan and Cory Duplantis of Cisco Talos.
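As a general illustration of the missing validation, the following added example (not Hopper's or Talos's code, and not a reproduction of the specific flaw) checks every section header of a little-endian ELF64 image against the file length before any size is trusted. The names `check_elf64_sections`, `in_bounds` and `build_sample` are hypothetical, and the sample image is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SHT_NOBITS 8u  /* section type that occupies no bytes in the file */

/* Read an n-byte little-endian integer without unaligned access. */
static uint64_t rd(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* True if [off, off+len) fits in `total` bytes; never computes off+len. */
static int in_bounds(uint64_t off, uint64_t len, uint64_t total) {
    return off <= total && len <= total - off;
}

/* Returns 0 if the section header table and every section's file range fit
 * inside the image, or a negative code naming the check that failed. */
int check_elf64_sections(const uint8_t *buf, size_t len) {
    if (len < 64 || memcmp(buf, "\x7f" "ELF", 4) != 0) return -1;
    if (buf[4] != 2 || buf[5] != 1) return -2;  /* ELFCLASS64, ELFDATA2LSB */
    uint64_t shoff = rd(buf + 0x28, 8);         /* e_shoff */
    uint64_t shentsize = rd(buf + 0x3A, 2), shnum = rd(buf + 0x3C, 2);
    if (shnum == 0) return 0;
    if (shentsize != 64) return -3;
    if (!in_bounds(shoff, shnum * shentsize, len)) return -4;
    for (uint64_t i = 0; i < shnum; i++) {
        const uint8_t *sh = buf + shoff + i * 64;
        uint64_t type = rd(sh + 4, 4);          /* sh_type */
        uint64_t off = rd(sh + 0x18, 8);        /* sh_offset */
        uint64_t size = rd(sh + 0x20, 8);       /* sh_size, attacker-controlled */
        if (type != SHT_NOBITS && !in_bounds(off, size, len)) return -5;
    }
    return 0;
}

/* Constructed sample: 192-byte image holding a null section header and one
 * SHT_PROGBITS header at file offset 64 whose sh_size is `size`. */
size_t build_sample(uint8_t *out, uint64_t size) {
    memset(out, 0, 192);
    memcpy(out, "\x7f" "ELF", 4);
    out[4] = 2; out[5] = 1;
    out[0x28] = 64; out[0x3A] = 64; out[0x3C] = 2;  /* e_shoff, e_shentsize, e_shnum */
    uint8_t *sh = out + 64 + 64;                    /* second table entry */
    sh[4] = 1; sh[0x18] = 64;                       /* SHT_PROGBITS, sh_offset */
    for (int i = 0; i < 8; i++) sh[0x20 + i] = (uint8_t)(size >> (8 * i));
    return 192;
}
```

A naive `off + size <= len` test would accept the wrapped-around size exercised here, which is why `in_bounds` compares against `total - off` instead.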
