Bug 2185646 (CVE-2023-1972) - CVE-2023-1972 binutils: Illegal memory access when accessing a zer0-lengthverdef table
Summary: CVE-2023-1972 binutils: Illegal memory access when accessing a zer0-lengthver...
Keywords:
Status: NEW
Alias: CVE-2023-1972
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2186579 2186567 2186568 2186569 2186570 2186571 2186572 2186573 2186574 2186575 2186576 2186577 2186580 2186581 2186582 2186583 2186584 2186585 2186586 2186587 2186588 2186589 2186590 2186591
Blocks: 2185647
TreeView+ depends on / blocked
 
Reported: 2023-04-10 17:57 UTC by Pedro Sampaio
Modified: 2024-02-01 03:42 UTC (History)
27 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A potential heap-based buffer overflow was found in binutils in the _bfd_elf_slurp_version_tables() function in bfd/elf.c. This issue may lead to a loss of availability.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Comment 1 Nick Clifton 2023-04-11 13:06:44 UTC
Notes for people reviewing this CVE:

  1. It only affects programs that use the BFD library to load ELF symbol version information.
  2. It requires corrupt input in order to trigger the bug.
  3. If triggered the most that it can do is cause the program to terminate with a segmentation fault.  It will not cause the generation of corrupt output.

Comment 4 Marian Rehak 2023-04-13 18:26:57 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-36 [bug 2186584]
Affects: fedora-37 [bug 2186586]
Affects: fedora-all [bug 2186579]


Created insight tracking bugs for this issue:

Affects: fedora-36 [bug 2186582]
Affects: fedora-37 [bug 2186587]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-36 [bug 2186583]
Affects: fedora-37 [bug 2186588]


Created radare2 tracking bugs for this issue:

Affects: epel-7 [bug 2186591]
Affects: epel-8 [bug 2186590]
Affects: fedora-36 [bug 2186580]
Affects: fedora-37 [bug 2186589]


Created rizin tracking bugs for this issue:

Affects: epel-8 [bug 2186585]
Affects: fedora-36 [bug 2186581]


Note You need to log in before you can comment on or make changes to this bug.