1947111 – (CVE-2021-3487) CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()

Bug 1947111 (CVE-2021-3487) - CVE-2021-3487 binutils: Excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c read_section()

Summary: CVE-2021-3487 binutils: Excessive debug section size can cause excessive memo...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2021-3487
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1947304 1947132 1947133 1947134 1947135 1947136 1947137 1947138 1947298 1947299 1947300 1947301 1947302 1947303 1947966 1947969 1947970
Blocks:	1938941 1947652
TreeView+	depends on / blocked

Reported:	2021-04-07 17:43 UTC by Todd Cullum
Modified:	2023-11-20 04:41 UTC (History)
CC List:	24 users (show)
Fixed In Version:	binutils 2.36
Doc Type:	If docs needed, set a value
Doc Text:	There's a flaw in the BFD library of binutils. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.
Clone Of:
Environment:
Last Closed:	2021-11-09 22:24:31 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2021:4364	0	None	None	None	2021-11-09 18:28:51 UTC

Description Todd Cullum 2021-04-07 17:43:20 UTC

read_section() in dwarf2.c of BFD could cause excessive memory consumption when handling corrupt DWARF debug sections. This could lead to an impact to system availability, denial of service, and/or a crash in applications linked with the BFD library's DWARF functionality if they parse files from untrusted sources.

Reference:
https://sourceware.org/bugzilla/show_bug.cgi?id=26946

Upstream patch commit: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=647cebce12a6b0a26960220caff96ff38978cf24

Comment 8 Todd Cullum 2021-04-09 15:56:17 UTC

Mitigation:

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Comment 9 Todd Cullum 2021-04-09 15:56:51 UTC

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1947969]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 1947970]

Comment 15 errata-xmlrpc 2021-11-09 18:28:49 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:4364 https://access.redhat.com/errata/RHSA-2021:4364

Comment 16 Product Security DevOps Team 2021-11-09 22:24:28 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3487

Comment 18 Sandipan Roy 2023-11-20 04:41:38 UTC

$ rhcve show CVE-2021-3487
CVE-2021-3487
├─ State:	REJECTED

Note You need to log in before you can comment on or make changes to this bug.

adscvr
ailan
aoliva
caswilli
dvlasenk
erik-fedora
fidencio
fweimer
jakub
kaycoth
klember
ktietz
manisandro
marcandre.lureau
mcermak
mnewsome
mpolacek
mprchlik
nickc
ohudlick
rjones
sipoyare
virt-maint
vmugicag