GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=25319
Created mingw-binutils tracking bugs for this issue: Affects: fedora-all [bug 1911440]
Statement: binutils as shipped with Red Hat Enterprise Linux 8's GCC Toolset 10 and Red Hat Developer Toolset 10 are not affected by this flaw because the versions shipped have already received the patch.
Flaw technical summary: In routine tic4x_print_cond() of opcodes/tic4x-dis.c, xmalloc() is called to allocate 32 bytes, 20 of which are initialized. It is possible for the uninitialized bytes to be reached in a subsequent call to `(*info->fprintf_func)`. This could cause a crash or print the uninitialized data. The upstream patch addresses this flaw by replacing the call to xmalloc() with xcalloc(), which 0-initializes all of the bytes upon allocation.
Upstream commit: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=2c5b6e1a1c406cbe06e2d6f77861764ebd01b9ce