Bug 2043408 - binutils: heap overflow in libbfd.c
Summary: binutils: heap overflow in libbfd.c
Status: NEW
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assignee: Nobody
Depends On: 2043409 2043410 2072464 2072465 2072466 2072467 2072468
Blocks: 2043401
Reported: 2022-01-21 08:15 UTC by Dhananjay Arunesh
Modified: 2023-07-09 12:57 UTC (History)


Description Dhananjay Arunesh 2022-01-21 08:15:38 UTC
An off-by-one error exists in the check that makes sure the buffer containing the auxiliary symbol data is not overrun; it lets an adversary both read and write system memory and cause a denial of service.

References:
https://sourceware.org/bugzilla/show_bug.cgi?id=26240

Comment 1 Dhananjay Arunesh 2022-01-21 08:17:29 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 2043409]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 2043410]

