Bug 1947111 (CVE-2021-3487) - CVE-2021-3487 binutils: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()
Summary: CVE-2021-3487 binutils: excessive debug section size can cause excessive memo...
Keywords:
Status: NEW
Alias: CVE-2021-3487
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1947134 1947299 1947301 1947302 1947303 1947304 1947966 1947132 1947133 1947135 1947136 1947137 1947138 1947298 1947300 1947969 1947970
Blocks: 1938941 1947652
TreeView+ depends on / blocked
 
Reported: 2021-04-07 17:43 UTC by Todd Cullum
Modified: 2021-04-16 10:31 UTC (History)
25 users (show)

Fixed In Version: binutils 2.36
Doc Type: If docs needed, set a value
Doc Text:
There's a flaw in the BFD library of binutils. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Todd Cullum 2021-04-07 17:43:20 UTC
read_section() in dwarf2.c of BFD could cause excessive memory consumption when handling corrupt DWARF debug sections. This could lead to an impact to system availability, denial of service, and/or a crash in applications linked with the BFD library's DWARF functionality if they parse files from untrusted sources.

Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=26946

Upstream patch commit: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=647cebce12a6b0a26960220caff96ff38978cf24

Comment 8 Todd Cullum 2021-04-09 15:56:17 UTC
Mitigation:

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Comment 9 Todd Cullum 2021-04-09 15:56:51 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1947969]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 1947970]


Note You need to log in before you can comment on or make changes to this bug.