| Summary: |
CVE-2017-7614 binutils: NULL pointer dereference in bfd_elf_final_link function |
| Product: |
[Other] Security Response
|
Reporter: |
Andrej Nemec <anemec> |
| Component: |
vulnerability | Assignee: |
Red Hat Product Security <security-response-team> |
| Status: |
CLOSED
WONTFIX
|
QA Contact: |
|
| Severity: |
low
|
Docs Contact: |
|
| Priority: |
low
|
|
|
| Version: |
unspecified | CC: |
erik-fedora, fedora-mingw, jakub, klember, ktietz, law, nickc, ohudlick, rjones, yozone, yselkowi
|
| Target Milestone: |
--- | Keywords: |
Security |
| Target Release: |
--- | |
|
| Hardware: |
All | |
|
| OS: |
Linux | |
|
| Whiteboard: |
|
|
Fixed In Version:
|
|
Doc Type:
|
If docs needed, set a value
|
|---|
|
Doc Text:
|
|
Story Points:
|
---
|
|---|
|
Clone Of:
|
|
Environment:
|
|
|---|
|
Last Closed:
|
2017-05-10 08:49:46 UTC
|
Type:
|
---
|
|---|
|
Regression:
|
---
|
Mount Type:
|
---
|
|---|
|
Documentation:
|
---
|
CRM:
|
|
|---|
|
Verified Versions:
|
|
Category:
|
---
|
|---|
|
oVirt Team:
|
---
|
RHEL 7.3 requirements from Atomic Host:
|
|
|---|
|
Cloudforms Team:
|
---
|
Target Upstream Version:
|
|
|---|
|
Embargoed:
|
|
| |
|---|
| Bug Depends On: |
1435307, 1435308, 1435309
|
|
|
| Bug Blocks: |
|
|
|
elflink.c in the Binary File Descriptor (BFD) library (aka libbfd) has a "member access within null pointer" undefined behavior issue, which might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an "int main() {return 0;}" program. Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=21342 Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8