1515742 – (CVE-2017-15996) CVE-2017-15996 binutils: Excessive memory allocation in elfcomm.c

Bug 1515742 (CVE-2017-15996) - CVE-2017-15996 binutils: Excessive memory allocation in elfcomm.c

Summary: CVE-2017-15996 binutils: Excessive memory allocation in elfcomm.c

Keywords:
Status:	CLOSED WONTFIX
Alias:	CVE-2017-15996
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1499310 1499311
Blocks:
TreeView+	depends on / blocked

Reported:	2017-11-21 09:54 UTC by Andrej Nemec
Modified:	2019-09-29 14:25 UTC (History)
CC List:	15 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-06-08 03:31:22 UTC
Embargoed:

Attachments	(Terms of Use)

Description Andrej Nemec 2017-11-21 09:54:23 UTC

elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggers a "buffer overflow on fuzzed archive header," related to an uninitialized variable, an improper conditional jump, and the get_archive_member_name, process_archive_index_and_symbols, and setup_archive functions.

Upstream issue:

https://sourceware.org/bugzilla/show_bug.cgi?id=22361

Upstream patches:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1b86808a86077722ee4f42ff97f836b12420bb2a

References:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d91f0b20e561e326ee91a09a76206257bde8438b

Comment 1 Andrej Nemec 2017-11-21 09:55:17 UTC

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1499311]


Created mingw-binutils tracking bugs for this issue:

Affects: epel-all [bug 1499310]

Note You need to log in before you can comment on or make changes to this bug.