GNU Binutils 2017-04-03 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash), related to the processmipsspecific function in readelf.c, via a crafted ELF file that triggers a large memory-allocation attempt.