Bug 2167504 - binutils: NULL pointer segmentation fault when accessing field `the_bfd` in function `compare_symbols`
Keywords:
Status: NEW
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2174205 2174098 2174099 2174101 2174102 2174103 2174104 2174105 2174106 2174107 2174108 2174109 2174110 2174111 2174112 2174185 2174186 2174187 2174188 2174189 2174190 2174191 2174192 2174204 2174206 2174209 2174210 2174211 2174212 2174213 2174214 2174215 2174216
Blocks: 2160830
Reported: 2023-02-06 20:10 UTC by Pedro Sampaio
Modified: 2023-09-26 21:44 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in binutils, where there is a NULL pointer segmentation fault when accessing the field `the_bfd` in the `compare_symbols` function. This flaw may cause the objdump binary to crash when reading a crafted file, impacting availability.
Clone Of:
Environment:
Last Closed:
Embargoed:



Description Pedro Sampaio 2023-02-06 20:10:18 UTC
In Binutils, there is a NULL pointer segmentation fault when accessing field `the_bfd` in function `compare_symbols`.

Upstream bug:

https://sourceware.org/bugzilla/show_bug.cgi?id=29846

Upstream fix:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=3d3af4ba39e892b1c544d667ca241846bc3df386

Comment 1 Pedro Sampaio 2023-02-28 17:31:38 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-36 [bug 2174106]
Affects: fedora-37 [bug 2174108]
Affects: fedora-all [bug 2174098]


Created gdb tracking bugs for this issue:

Affects: fedora-36 [bug 2174107]


Created insight tracking bugs for this issue:

Affects: fedora-36 [bug 2174103]
Affects: fedora-37 [bug 2174109]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-36 [bug 2174099]
Affects: fedora-37 [bug 2174111]


Created radare2 tracking bugs for this issue:

Affects: epel-7 [bug 2174112]
Affects: epel-8 [bug 2174105]
Affects: fedora-36 [bug 2174101]
Affects: fedora-37 [bug 2174104]


Created rizin tracking bugs for this issue:

Affects: epel-8 [bug 2174110]
Affects: fedora-36 [bug 2174102]

Comment 9 Siddhesh Poyarekar 2023-03-01 17:31:42 UTC
It's a crash in the objdump standalone binary; it is a bug, but AFAICT there's no security implication to this bug.

Comment 10 Siddhesh Poyarekar 2023-03-01 17:33:42 UTC
Also please note that none of these CVEs (CVE-2023-25584, CVE-2023-25585, CVE-2023-25587 or CVE-2023-25588) affect gdb in RHEL or Fedora.  gdb does not have or build the affected code.

