Bug 1551778 (CVE-2018-7569) - CVE-2018-7569 binutils: integer underflow or overflow via an ELF file with a corrupt DWARF FORM block in libbfd library
Summary: CVE-2018-7569 binutils: integer underflow or overflow via an ELF file with a ...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2018-7569
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1551779 1551780 1551781 1569889 1569890 1569891 1572222
Blocks: 1551789
TreeView+ depends on / blocked
 
Reported: 2018-03-05 23:20 UTC by Laura Pardo
Modified: 2022-03-13 14:44 UTC (History)
16 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
An integer wraparound has been discovered in the Binary File Descriptor (BFD) library distributed in GNU Binutils up to version 2.30. An attacker could cause a crash by providing an ELF file with corrupted DWARF debug information.
Clone Of:
Environment:
Last Closed: 2019-06-08 03:42:23 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2018:3032 0 None None None 2018-10-30 07:23:51 UTC

Description Laura Pardo 2018-03-05 23:20:30 UTC
A flaw was found in the read_attribute_value function in dwarf2.c file in the
Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU
Binutils up to version 2.30, when compiled in 32bit mode. This allows attackers to cause a denial of service (integer wraparound and application
crash) via an ELF file with a corrupt DWARF FORM block.


References:
https://sourceware.org/bugzilla/show_bug.cgi?id=22895

Patch:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=12c963421d045a127c413a0722062b9932c50aa9

Comment 1 Laura Pardo 2018-03-05 23:21:14 UTC
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 1551779]


Created mingw-binutils tracking bugs for this issue:

Affects: epel-all [bug 1551780]

Comment 6 errata-xmlrpc 2018-10-30 07:23:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2018:3032 https://access.redhat.com/errata/RHSA-2018:3032


Note You need to log in before you can comment on or make changes to this bug.