1250129 – (CVE-2014-9939) CVE-2014-9939 binutils: buffer overflow in ihex.c

Bug 1250129 (CVE-2014-9939) - CVE-2014-9939 binutils: buffer overflow in ihex.c

Summary: CVE-2014-9939 binutils: buffer overflow in ihex.c

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2014-9939
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1250141
Blocks:	1250146
TreeView+	depends on / blocked

Reported:	2015-08-04 15:01 UTC by Adam Mariš
Modified:	2021-02-17 05:03 UTC (History)
CC List:	27 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-08-05 14:46:02 UTC
Embargoed:

Attachments	(Terms of Use)
Upstream patch (2.54 KB, patch) 2015-08-04 15:07 UTC, Adam Mariš	no flags	Details \| Diff
Reproducer (20 bytes, application/octet-stream) 2015-08-04 15:10 UTC, Adam Mariš	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Sourceware	18750	0	None	None	None	Never

Description Adam Mariš 2015-08-04 15:01:01 UTC

There was found a buffer overflow vulnerability in binutils 2.6 and lower in ihex.c.

Waiting for CVE assignment:
http://seclists.org/oss-sec/2015/q3/265

Comment 1 Adam Mariš 2015-08-04 15:07:18 UTC

Created attachment 1059121 [details]
Upstream patch

Comment 2 Adam Mariš 2015-08-04 15:10:44 UTC

Created attachment 1059123 [details]
Reproducer

Comment 3 Adam Mariš 2015-08-04 15:12:42 UTC

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1250141]

Comment 4 Nick Clifton 2015-08-04 16:45:24 UTC

This bug is now fixed in: binutils-2.25.1-3.fc24

I am not sure if the problem is important enough to warrant backporting the patch to earlier versions of Fedora however.

Comment 5 Jeff Law 2015-08-04 16:46:58 UTC

I wouldn't think that ihex would be important enough to warrant backporting to earlier versions of fedora.

Comment 6 Stefan Cornelius 2015-08-05 13:53:17 UTC

For RHEL5/6/7/Fedora, the stack-based buffer overflow is detected and mitigated by fortify source. Thus, the worst outcome should be a mere crash/application abort. It should not be possible to exploit this flaw to gain code execution.

Statement:

This issue affects the versions of binutils as shipped with Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this issue as having Low security impact. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Comment 9 Yaakov Selkowitz 2015-08-26 02:05:39 UTC

fedora-all/arm-none-eabi-binutils-cs=affected appears to be missing from the Whiteboard.  This has been fixed in cross-binutils but not yet in the other *-binutils packages.

Note You need to log in before you can comment on or make changes to this bug.

barracks510
carnil
dan
dhowells
erik-fedora
fedora-mingw
giallu
jakub
kanderso
klember
ktietz
law
lkocman
lkundrak
mfranc
mhlavink
nickc
nobody+bgollahe
ohudlick
opensource
rjones
rob
swhiteho
thibault.north
tmlcoch
trond.danielsen
yselkowi