Bug 1250129 - (CVE-2014-9939) CVE-2014-9939 binutils: buffer overflow in ihex.c
CVE-2014-9939 binutils: buffer overflow in ihex.c
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On: 1250141
Blocks: 1250146
  Show dependency treegraph
Reported: 2015-08-04 11:01 EDT by Adam Mariš
Modified: 2017-03-23 08:39 EDT (History)
27 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-08-05 10:46:02 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Upstream patch (2.54 KB, patch)
2015-08-04 11:07 EDT, Adam Mariš
no flags Details | Diff
Reproducer (20 bytes, application/octet-stream)
2015-08-04 11:10 EDT, Adam Mariš
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
Sourceware 18750 None None None Never

  None (edit)
Description Adam Mariš 2015-08-04 11:01:01 EDT
There was found a buffer overflow vulnerability in binutils 2.6 and lower in ihex.c.

Waiting for CVE assignment:
Comment 1 Adam Mariš 2015-08-04 11:07:18 EDT
Created attachment 1059121 [details]
Upstream patch
Comment 2 Adam Mariš 2015-08-04 11:10:44 EDT
Created attachment 1059123 [details]
Comment 3 Adam Mariš 2015-08-04 11:12:42 EDT
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1250141]
Comment 4 Nick Clifton 2015-08-04 12:45:24 EDT
This bug is now fixed in: binutils-2.25.1-3.fc24

I am not sure if the problem is important enough to warrant backporting the patch to earlier versions of Fedora however.
Comment 5 Jeff Law 2015-08-04 12:46:58 EDT
I wouldn't think that ihex would be important enough to warrant backporting to earlier versions of fedora.
Comment 6 Stefan Cornelius 2015-08-05 09:53:17 EDT
For RHEL5/6/7/Fedora, the stack-based buffer overflow is detected and mitigated by fortify source. Thus, the worst outcome should be a mere crash/application abort. It should not be possible to exploit this flaw to gain code execution.


This issue affects the versions of binutils as shipped with Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this issue as having Low security impact. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Comment 9 Yaakov Selkowitz 2015-08-25 22:05:39 EDT
fedora-all/arm-none-eabi-binutils-cs=affected appears to be missing from the Whiteboard.  This has been fixed in cross-binutils but not yet in the other *-binutils packages.

Note You need to log in before you can comment on or make changes to this bug.