1500374 – (CVE-2017-15023) CVE-2017-15023 binutils: NULL pointer dereference in read_formatted_entries

Bug 1500374 (CVE-2017-15023) - CVE-2017-15023 binutils: NULL pointer dereference in read_formatted_entries

Summary: CVE-2017-15023 binutils: NULL pointer dereference in read_formatted_entries

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2017-15023
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1499310 1499311
Blocks:
TreeView+	depends on / blocked

Reported:	2017-10-10 13:10 UTC by Andrej Nemec
Modified:	2019-09-29 14:24 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-08 03:28:36 UTC
Embargoed:

Attachments	(Terms of Use)

Description Andrej Nemec 2017-10-10 13:10:37 UTC

read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, does not properly validate the format count, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to concat_filename.

Upstream issue:

https://sourceware.org/bugzilla/show_bug.cgi?id=22200

Upstream patch:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c361faae8d964db951b7100cada4dcdc983df1bf

Comment 1 Andrej Nemec 2017-10-10 13:16:39 UTC

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1499311]


Created mingw-binutils tracking bugs for this issue:

Affects: epel-all [bug 1499310]

Note You need to log in before you can comment on or make changes to this bug.