An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.
Created binutils tracking bugs for this issue:
Affects: fedora-all [bug 1771669]
Created mingw-binutils tracking bugs for this issue:
Affects: epel-6 [bug 1771673]
Affects: epel-7 [bug 1771672]
Affects: fedora-all [bug 1771670]
There's an issue on libbfd from binutils package while processing BFD data. When reading BFD sections from an ELF binary to extract debug information, _bfd_dwarf2_slurp_debug_info() doesn't properly validate section's size leading to a integer overflow. An attacker can leverage that by crafting a ELF file which may trigger the bug further causing heap data corruption and DoS.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2020:1797 https://access.redhat.com/errata/RHSA-2020:1797
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):