Bug 860769
Summary: | CVE-2012-3509 libiberty: integer overflow, leading to heap-buffer overflow by processing certain file headers via bfd binary [fedora-all] | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jan Lieskovsky <jlieskov> |
Component: | gdb | Assignee: | Jan Kratochvil <jan.kratochvil> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 17 | CC: | gbenson, jan.kratochvil, palves, pmuldoon, sergiodj, tromey |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Release Note | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-11-16 10:21:12 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 849693 |
Description
Jan Lieskovsky
2012-09-26 16:42:07 UTC
Closing this bug as invalid. See: https://bugzilla.redhat.com/show_bug.cgi?id=849693#c33 for further details. The deficiency in the libiberty code itself is present in gdb code. But due to a way how the underlying buffer pre-allocated via libiberty is later used in gdb it is not possible to use this flaw in gdb to reach arbitrary code execution (the buffer is zeroed right after allocation, making the invalid write to be limited to the ability to write zeroes only). Therefore as such the maximum available security implication here is a crash. Red Hat Security Response Team does not consider user-assisted crash of end-user application, such as gdb, to be a security flaw. |