1543244 – (CVE-2018-6759) CVE-2018-6759 binutils: Unchecked strnlen in opncls.c:bfd_get_debug_link_info_1() can allow lead to denial of service

Bug 1543244 (CVE-2018-6759) - CVE-2018-6759 binutils: Unchecked strnlen in opncls.c:bfd_get_debug_link_info_1() can allow lead to denial of service

Summary: CVE-2018-6759 binutils: Unchecked strnlen in opncls.c:bfd_get_debug_link_info...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-6759
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1543245 1543246 1543247
Blocks:	1856610
TreeView+	depends on / blocked

Reported:	2018-02-08 04:55 UTC by Sam Fowler
Modified:	2020-07-17 09:29 UTC (History)
CC List:	11 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-07-14 04:18:25 UTC
Embargoed:

Attachments	(Terms of Use)

Description Sam Fowler 2018-02-08 04:55:04 UTC

The bfd_get_debug_link_info_1 function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, has an unchecked strnlen operation. Attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted ELF file.


Upstream Bug:

https://sourceware.org/bugzilla/show_bug.cgi?id=22794


Upstream Patch:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=64e234d417d5685a4aec0edc618114d9991c031b

Comment 1 Sam Fowler 2018-02-08 04:55:26 UTC

Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1543245]


Created mingw-binutils tracking bugs for this issue:

Affects: epel-all [bug 1543246]

Note You need to log in before you can comment on or make changes to this bug.