Bug 2150768 (CVE-2022-4285) - CVE-2022-4285 binutils: NULL pointer dereference in _bfd_elf_get_symbol_version_string leads to segfault
Summary: CVE-2022-4285 binutils: NULL pointer dereference in _bfd_elf_get_symbol_versi...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2022-4285
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2183322 2152945 2152946 2152947 2152948 2152949 2152950 2153214 2153215 2153216 2153217 2153218 2153219 2153220 2153221 2153222 2153223 2153224 2153225 2153226 2153227 2153228 2164700 2164701
Blocks: 2150766
TreeView+ depends on / blocked
 
Reported: 2022-12-05 09:18 UTC by Mauro Matteo Cascella
Modified: 2023-11-21 11:40 UTC (History)
13 users (show)

Fixed In Version: binutils 2.39-7
Doc Type: If docs needed, set a value
Doc Text:
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599.
Clone Of:
Environment:
Last Closed: 2023-05-23 16:42:59 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:2873 0 None None None 2023-05-16 08:23:23 UTC
Red Hat Product Errata RHSA-2023:3269 0 None None None 2023-05-23 11:27:10 UTC
Red Hat Product Errata RHSA-2023:6236 0 None None None 2023-11-01 12:53:27 UTC
Red Hat Product Errata RHSA-2023:6593 0 None None None 2023-11-07 08:19:52 UTC
Red Hat Product Errata RHSA-2023:7394 0 None None None 2023-11-21 11:40:52 UTC

Description Mauro Matteo Cascella 2022-12-05 09:18:22 UTC 
Illegal memory access when parsing an ELF file containing corrupt symbol version information. Incomplete fix of CVE-2020-16599.

Upstream issue & fix:
https://sourceware.org/bugzilla/show_bug.cgi?id=29699
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5c831a3c7f3ca98d6aba1200353311e1a1f84c70
Comment 1 Marian Rehak 2022-12-13 15:02:02 UTC 
Created binutils tracking bugs for this issue:

Affects: fedora-all [bug 2152946]


Created gdb tracking bugs for this issue:

Affects: fedora-all [bug 2152947]


Created insight tracking bugs for this issue:

Affects: fedora-all [bug 2152948]


Created mingw-binutils tracking bugs for this issue:

Affects: fedora-all [bug 2152945]


Created radare2 tracking bugs for this issue:

Affects: fedora-all [bug 2152949]


Created rizin tracking bugs for this issue:

Affects: fedora-all [bug 2152950]
Comment 4 errata-xmlrpc 2023-05-16 08:23:22 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:2873 https://access.redhat.com/errata/RHSA-2023:2873
Comment 5 errata-xmlrpc 2023-05-23 11:27:08 UTC 
This issue has been addressed in the following products:

  Red Hat Software Collections for Red Hat Enterprise Linux 7

Via RHSA-2023:3269 https://access.redhat.com/errata/RHSA-2023:3269
Comment 6 Product Security DevOps Team 2023-05-23 16:42:56 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-4285
Comment 10 errata-xmlrpc 2023-11-01 12:53:24 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2023:6236 https://access.redhat.com/errata/RHSA-2023:6236
Comment 13 errata-xmlrpc 2023-11-07 08:19:50 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6593 https://access.redhat.com/errata/RHSA-2023:6593
Comment 15 errata-xmlrpc 2023-11-21 11:40:49 UTC 
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.6 Extended Update Support

Via RHSA-2023:7394 https://access.redhat.com/errata/RHSA-2023:7394
Note You need to log in before you can comment on or make changes to this bug.