Bug 2234029 (CVE-2022-47696)

Summary: CVE-2022-47696 binutils: segmentation fault in compare_symbols() in objdump.c
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Product Security <prodsec-ir-bot>
Status: CLOSED NOTABUG QA Contact:
Severity: low Docs Contact:
Priority: low    
Version: unspecifiedCC: acrosby, ailan, bdettelb, caswilli, desktop-qa-list, fjansen, fweimer, gdb-bugs, hkataria, jburrell, jmitchel, jsamir, jsherril, jtanner, kaycoth, keiths, kshier, mcermak, mpolacek, mprchlik, nickc, ohudlick, psegedy, rjones, sipoyare, sthirugn, tsasak, virt-maint, vkrizan
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
A NULL pointer vulnerability was found in binutils in the 'compare_symbols' function. This flaw allows an attacker to craft a specific payload, possibly causing a denial of service that results in a loss of the system's availability.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2023-11-09 09:19:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2234034, 2234035, 2234036, 2234315, 2234316, 2234317, 2234318, 2234319, 2234320, 2234321, 2234322, 2234323, 2234324, 2234325, 2234326, 2234327, 2234328, 2234329    
Bug Blocks: 2233947    

Description Guilherme de Almeida Suckevicz 2023-08-23 22:18:46 UTC 
An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.

Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=29846
Comment 1 Guilherme de Almeida Suckevicz 2023-08-23 22:30:11 UTC 
According to the description of this CVE in Mitre[1], the reference of this issue is this bug[2], however this bug seems related to CVE-2022-47695[3].

[1]. https://www.cve.org/CVERecord?id=CVE-2022-47695
[2]. https://sourceware.org/bugzilla/show_bug.cgi?id=29677
[3]. https://bugzilla.redhat.com/show_bug.cgi?id=2234027
Comment 2 Guilherme de Almeida Suckevicz 2023-08-23 22:31:35 UTC 
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 2234034]


Created gdb tracking bugs for this issue:

Affects: fedora-all [bug 2234035]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 2234036]
Comment 5 Nick Clifton 2023-08-24 13:09:26 UTC 
(In reply to Guilherme de Almeida Suckevicz from comment #0)
> An issue was discovered Binutils objdump before 2.39.3 allows attackers to
> cause a denial of service or other unspecified impacts via function
> compare_symbols.

The SECURITY.txt file found in the upstream GNU Binutils sources makes it clear that bug in inspection tools like objdump are not considered to be security issues, and hence do not qualify for CVE treatment.