GNU assembler in GNU Binutils 2.27 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash. Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=20898 Upstream patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=69ace2200106348a1b00d509a6a234337c104c17
(In reply to Adam Mariš from comment #0) > GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow I think that you mean GNU Binutils 2.27. The bug is fixed in 2.28...
Created binutils tracking bugs for this issue: Affects: fedora-all [bug 1435308] Created mingw-binutils tracking bugs for this issue: Affects: epel-all [bug 1435309] Affects: fedora-all [bug 1435307]
(In reply to Nick Clifton from comment #1) > (In reply to Adam Mariš from comment #0) > > GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow > > I think that you mean GNU Binutils 2.27. The bug is fixed in 2.28... I took this description from MITRE and version in which the bug was found in the upstream bug is set to 2.28 as well. I'll change it, thanks.