Bug 1551771 – CVE-2018-7568 binutils: integer overflow via an ELF file with corrupt dwarf1 debug information in libbfd library

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 1551771 - (CVE-2018-7568) CVE-2018-7568 binutils: integer overflow via an ELF file with corrupt dwarf1 debug information in libbfd library

Summary:	CVE-2018-7568 binutils: integer overflow via an ELF file with corrupt dwarf1 ...

Status:	NEW

Aliases:	CVE-2018-7568

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=low,public=20180226,reported=2...
Keywords:	Security

Depends On:	1551772 1551773 1551774 1569580 1569581 1569582 1572223
Blocks:	1551789
	Show dependency tree / graph

Reported:	2018-03-05 18:08 EST by Laura Pardo
Modified:	2018-10-30 03:23 EDT (History)
CC List:	16 users (show)

See Also:
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	An integer wraparound has been discovered in the Binary File Descriptor (BFD) library distributed in GNU Binutils up to version 2.30. An attacker could cause a crash by providing an ELF file with corrupted DWARF debug information.
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

External Trackers
Tracker	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2018:3032	None	None	None	2018-10-30 03:23 EDT

Groups: None (edit)

Description Laura Pardo 2018-03-05 18:08:08 EST

A flaw was found in the parse_die function in dwarf1.c in the Binary File
Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils up to
version 2.30, when compiled in 32bit mode. This vulnerability allows remote
attackers to cause a denial of service (integer overflow and application crash)
via an ELF file with corrupted dwarf1 debug information.


References:
https://sourceware.org/bugzilla/show_bug.cgi?id=22894

Patch:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=eef104664efb52965d85a28bc3fc7c77e52e48e2

Comment 1 Laura Pardo 2018-03-05 18:08:37 EST

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1551772]


Created mingw-binutils tracking bugs for this issue:

Affects: epel-all [bug 1551774]

Comment 6 errata-xmlrpc 2018-10-30 03:23:27 EDT

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:3032 https://access.redhat.com/errata/RHSA-2018:3032

Note You need to log in before you can comment on or make changes to this bug.