Bug 1162570 – CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1162570 - (CVE-2014-8501) CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE executable

Summary:	CVE-2014-8501 binutils: out-of-bounds write when parsing specially crafted PE...

Status:	NEW

Aliases:	CVE-2014-8501

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=low,public=20141026,reported=2...
Keywords:	Security

Depends On:	1162581 1162574 1162575 1162576 1162577 1162578 1162580 1162582 1162583 1168281 1168302 1172710
Blocks:	1156276 1210268
	Show dependency tree / graph

Reported:	2014-11-11 06:05 EST by Vasyl Kaigorodov
Modified:	2017-01-20 04:40 EST (History)
CC List:	23 users (show)

See Also:
Fixed In Version:	binutils 2.25
Doc Type:	Bug Fix
Doc Text:	A stack-based buffer overflow flaw was found in the way various binutils utilities processed certain files. If a user were tricked into processing a specially crafted file, it could cause the utility used to process that file to crash or, potentially, execute arbitrary code with the privileges of the user running that utility.
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:2079	normal	SHIPPED_LIVE	Moderate: binutils security, bug fix, and enhancement update	2015-11-19 02:41:11 EST

Groups: None (edit)

Description Vasyl Kaigorodov 2014-11-11 06:05:58 EST

It was reported [1] that running strings, nm or objdump on a constructed PE file [2] leads to out-of bounds write to an unitialized memory area.
Upstream path for this issue is at [3].

[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17512#c0
[2]: https://sourceware.org/bugzilla/attachment.cgi?id=7849
[3]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7e1e19887abd24aeb15066b141cdff5541e0ec8e

Comment 1 Vasyl Kaigorodov 2014-11-11 06:10:12 EST

Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 1162578]
Affects: epel-all [bug 1162583]

Comment 2 Vasyl Kaigorodov 2014-11-11 06:10:16 EST

Created avr-binutils tracking bugs for this issue:

Affects: fedora-all [bug 1162575]
Affects: epel-all [bug 1162581]

Comment 3 Vasyl Kaigorodov 2014-11-11 06:10:19 EST

Created arm-none-eabi-binutils-cs tracking bugs for this issue:

Affects: fedora-all [bug 1162574]

Comment 4 Vasyl Kaigorodov 2014-11-11 06:10:22 EST

Created msp430-binutils tracking bugs for this issue:

Affects: fedora-all [bug 1162580]

Comment 5 Vasyl Kaigorodov 2014-11-11 06:10:26 EST

Created cross-binutils tracking bugs for this issue:

Affects: fedora-all [bug 1162577]
Affects: epel-all [bug 1162582]

Comment 6 Vasyl Kaigorodov 2014-11-11 06:10:29 EST

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1162576]

Comment 7 Vasyl Kaigorodov 2014-11-26 09:39:25 EST

Statement:

Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Comment 9 Fedora Update System 2014-12-05 21:37:14 EST

arm-none-eabi-binutils-cs-2014.05.28-3.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2014-12-05 21:40:36 EST

avr-binutils-2.24-3.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2014-12-06 05:04:23 EST

avr-binutils-2.24-4.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2014-12-06 05:09:20 EST

arm-none-eabi-binutils-cs-2014.05.28-3.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 13 Fedora Update System 2014-12-06 23:37:46 EST

avr-binutils-2.24-3.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 14 Fedora Update System 2014-12-06 23:39:41 EST

arm-none-eabi-binutils-cs-2014.05.28-3.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 17 Nick Clifton 2015-06-26 11:40:40 EDT

Hi Guys,

  The recently uploaded patch for BZ 1162594 also fixes this bug:

https://bugzilla.redhat.com/attachment.cgi?id=1043575&action=diff

Cheers
  Nick

Comment 18 errata-xmlrpc 2015-11-18 22:33:00 EST

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:2079 https://rhn.redhat.com/errata/RHSA-2015-2079.html

Note You need to log in before you can comment on or make changes to this bug.

bgollahe
dan
dhowells
erik-fedora
fedora-mingw
jakub
jgalipea
kalevlember
kanderso
law
lkocman
lkundrak
mhlavink
mnewsome
mprchlik
nickc
ohudlick
pfrankli
rjones
rob
swhiteho
thibault.north
trond.danielsen