Bug 1735604 (CVE-2019-1010204)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary: | CVE-2019-1010204 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service | | |
| Product: | [Other] Security Response | Reporter: | Dhananjay Arunesh <darunesh> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | | |
| Version: | unspecified | CC: | aoliva, apmukher, dvlasenk, fweimer, jakub, law, mcermak, mnewsome, mpolacek, mprchlik, nickc, ohudlick, tborcin |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2020-04-28 16:33:33 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 1735605, 1739250, 1739251, 1739252, 1739254 | | |
| Bug Blocks: | 1735607 | | |
Description
Dhananjay Arunesh
2019-08-01 06:49:54 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1735605]

Statement: This issue affects the binutils package versions as shipped with Red Hat Enterprise Linux 7 and 8. The security impact was classified as 'Low' by the Red Hat Product Security Team. Red Hat Enterprise Linux 5 and 6 are not affected, as ld.gold is not shipped with either of these versions. This flaw also affects the binutils versions shipped with Red Hat Developer Toolset 7 and 8.

There's an issue with ld.gold which allows an attacker to cause a DoS. During the ELF file read, the function File::do_read() doesn't properly validate the start offset for reading; this leads to an invalid memory access when executing memcpy(), causing program termination due to a segmentation fault.

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8
Via RHSA-2020:1797 https://access.redhat.com/errata/RHSA-2020:1797

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
https://access.redhat.com/security/cve/cve-2019-1010204
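The bug class named in the summary (a signed/unsigned comparison letting a header-supplied offset reach memcpy unchecked) is easy to reproduce in miniature. The block below is an added C example written for this page; it is not gold's code, and the `struct shdr`, `range_ok_signed`, `range_ok`, `read_section` and `sample_image` names are invented for the demonstration. It contrasts a signed range check, which accepts an offset whose top bit is set because it reads as a negative number, with an unsigned check phrased so that offset + size can never wrap past zero before the comparison; the second case (offset small, size close to UINT64_MAX) goes beyond the specific flaw in the report to cover the wrap-around variant of the same mistake.

```c
/* Added illustration of the bug class in the report above: a reader that
 * copies a section out of an in-memory file image using an offset and size
 * taken from an untrusted header.  This is example code, not gold's; the
 * struct and function names are invented for the demonstration. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMAGE_SIZE 32

/* Stand-in for an ELF section header, reduced to the two fields a bounds
 * check needs. */
struct shdr {
    uint64_t sh_offset;
    uint64_t sh_size;
};

/* Flawed pattern: offset and size folded into a signed sum.  An offset with
 * the top bit set is negative as int64_t, so start + size compares below
 * file_size, the check passes, and the memcpy that follows reads before
 * the start of the buffer (the invalid access the report describes). */
static bool range_ok_signed(int64_t file_size, int64_t start, int64_t size)
{
    return start + size <= file_size;
}

/* Hardened check: unsigned, and phrased so start + size cannot wrap before
 * it is compared against file_size. */
static bool range_ok(uint64_t file_size, uint64_t start, uint64_t size)
{
    return start <= file_size && size <= file_size - start;
}

/* Copy the section into out (capacity out_cap).  Returns the byte count on
 * success, -1 if the header does not describe a region inside the image. */
static long read_section(const uint8_t *image, uint64_t image_size,
                         const struct shdr *sh, uint8_t *out, size_t out_cap)
{
    if (!range_ok(image_size, sh->sh_offset, sh->sh_size))
        return -1;
    if (sh->sh_size > out_cap)
        return -1;
    memcpy(out, image + sh->sh_offset, (size_t)sh->sh_size);
    return (long)sh->sh_size;
}

/* Constructed file image: IMAGE_SIZE bytes holding 0,1,2,...  Not a real
 * ELF file; only the byte layout matters here. */
static const uint8_t *sample_image(void)
{
    static uint8_t image[IMAGE_SIZE];
    for (unsigned i = 0; i < IMAGE_SIZE; i++)
        image[i] = (uint8_t)i;
    return image;
}

int main(void)
{
    const uint8_t *image = sample_image();
    uint8_t out[IMAGE_SIZE];

    /* Well-formed header: bytes 8..31. */
    struct shdr good = { 8, 24 };
    printf("good header: %ld bytes\n",
           read_section(image, IMAGE_SIZE, &good, out, sizeof out));

    /* Hostile header: the signed check reinterprets the offset as -256. */
    struct shdr neg = { 0xFFFFFFFFFFFFFF00ULL, 64 };
    printf("signed check accepts hostile header: %d\n",
           range_ok_signed(IMAGE_SIZE, (int64_t)neg.sh_offset,
                           (int64_t)neg.sh_size));
    printf("hardened read of hostile header: %ld\n",
           read_section(image, IMAGE_SIZE, &neg, out, sizeof out));

    /* Header whose offset + size wraps past zero in 64-bit unsigned math. */
    struct shdr wrap = { 8, UINT64_MAX };
    printf("wrapping header: %ld\n",
           read_section(image, IMAGE_SIZE, &wrap, out, sizeof out));
    return 0;
}
```

The point of `range_ok` is the order of operations: comparing `start` against the file size first makes `file_size - start` safe, and comparing `size` against that remainder avoids ever computing `start + size`, so neither a sign flip nor an unsigned wrap can turn an out-of-range header into a passing check.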