A vulnerability was found in GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened. Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=23765
Created binutils tracking bugs for this issue: Affects: fedora-all [bug 1735605]
Statement: This issue affects the binutils package version as shipped with Red Hat Enterprise Linux 7 and 8. The security impact was classified as 'Low' by the Red Hat Product Security Team. Red Hat Enterprise Linux 5 and 6 are not affected as ld.gold is not shipped with any of these version. This flaw also affects the binutils versions shipped with Red Hat Developer Toolset 7 and 8.
There's an issue with ld.gold which allow an attacker to cause DoS. During the ELF file read the function File:: do_read() doesn't proper validate the start offset for reading, this leads to invalid memory access when executing memcpy() causing the program termination due to Segmentation Fault.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:1797 https://access.redhat.com/errata/RHSA-2020:1797
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-1010204