Bug 2150768 (CVE-2022-4285) - CVE-2022-4285 binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault
Status: CLOSED ERRATA
Alias: CVE-2022-4285
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
Depends On: 2152949, 2153227 (Red Hat), 2153228 (Red Hat), 2164700 (Red Hat), 2164701 (Red Hat), 2183322 (Red Hat), 2152945, 2152946, 2152947, 2152948, 2152950, 2153214 (Red Hat), 2153215 (Red Hat), 2153216 (Red Hat), 2153217 (Red Hat), 2153218 (Red Hat), 2153219 (Red Hat), 2153220 (Red Hat), 2153221 (Red Hat), 2153222 (Red Hat), 2153223 (Red Hat), 2153224 (Red Hat), 2153225 (Red Hat), 2153226 (Red Hat)
Blocks: 2150766 (Embargoed)
Reported: 2022-12-05 09:18 UTC by Mauro Matteo Cascella
Modified: 2023-05-23 16:42 UTC

Fixed In Version: binutils 2.39-7
Doc Text:
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
Last Closed: 2023-05-23 16:42:59 UTC




Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata | RHSA-2023:2873 | 0 | None | None | None | 2023-05-16 08:23:23 UTC
Red Hat Product Errata | RHSA-2023:3269 | 0 | None | None | None | 2023-05-23 11:27:10 UTC

Description Mauro Matteo Cascella 2022-12-05 09:18:22 UTC
Illegal memory access when parsing an ELF file containing corrupt symbol version information. Incomplete fix of CVE-2020-16599.

Upstream issue & fix:
https://sourceware.org/bugzilla/show_bug.cgi?id=29699
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70

Comment 1 Marian Rehak 2022-12-13 15:02:02 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 2152946]


Created gdb tracking bugs for this issue:

Affects: fedora-all [bug 2152947]


Created insight tracking bugs for this issue:

Affects: fedora-all [bug 2152948]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 2152945]


Created radare2 tracking bugs for this issue:

Affects: fedora-all [bug 2152949]


Created rizin tracking bugs for this issue:

Affects: fedora-all [bug 2152950]

Comment 4 errata-xmlrpc 2023-05-16 08:23:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:2873 https://access.redhat.com/errata/RHSA-2023:2873

Comment 5 errata-xmlrpc 2023-05-23 11:27:08 UTC
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2023:3269 https://access.redhat.com/errata/RHSA-2023:3269

Comment 6 Product Security DevOps Team 2023-05-23 16:42:56 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-4285
