Fedora Account System
Red Hat Associate
Red Hat Customer
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=25070 Upstream commit: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1
Created binutils tracking bugs for this issue: Affects: fedora-all [bug 1771669] Created mingw-binutils tracking bugs for this issue: Affects: epel-6 [bug 1771673] Affects: epel-7 [bug 1771672] Affects: fedora-all [bug 1771670]
There's an issue on libbfd from binutils package while processing BFD data. When reading BFD sections from an ELF binary to extract debug information, _bfd_dwarf2_slurp_debug_info() doesn't properly validate section's size leading to a integer overflow. An attacker can leverage that by crafting a ELF file which may trigger the bug further causing heap data corruption and DoS.
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2020:1797 https://access.redhat.com/errata/RHSA-2020:1797
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-17451