Bug 761957 (CVE-2020-35448) - <sys-devel/binutils-2.35.2: heap buffer overflow (CVE-2020-35448)
Status: RESOLVED FIXED
Alias: CVE-2020-35448
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
Whiteboard: B3 [glsa+ cve]
Depends on: 779805
Blocks: CVE-2019-9070, CVE-2019-9071, CVE-2019-9072, CVE-2019-9073, CVE-2019-9074, CVE-2019-9075, CVE-2019-9076, CVE-2019-9077, CVE-2020-16590, CVE-2020-16591, CVE-2020-16593, CVE-2020-16598, CVE-2020-19599
Reported: 2020-12-27 18:44 UTC by John Helmert III
Modified: 2021-07-10 02:52 UTC

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-12-27 18:44:52 UTC
CVE-2020-35448 (https://sourceware.org/bugzilla/show_bug.cgi?id=26574):

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.


Patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8642dafaef21aa6747cec01df1977e9c52eb4679

I don't see this patch in any release.
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2021-01-23 18:41:36 UTC
Cherry-picked for 2.35.1 patchset 3
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2021-04-17 23:09:05 UTC
(In reply to Andreas K. Hüttel from comment #1)
> Cherry-picked for 2.35.1 patchset 3

Also cherry-picked for 2.35.2 patchset 1, fixed in sys-devel/binutils/2.35.2
Comment 3 Larry the Git Cow gentoo-dev 2021-05-16 10:01:15 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7c7bf9cf98bc2f32234865faf2c352c16362334

commit b7c7bf9cf98bc2f32234865faf2c352c16362334
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2021-05-16 10:00:08 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2021-05-16 10:01:04 +0000

    package.mask: Extend binutils mask to <2.35.2
    
    Bug: https://bugs.gentoo.org/761957
    Bug: https://bugs.gentoo.org/678806
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 profiles/package.mask | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 4 Andreas K. Hüttel archtester gentoo-dev 2021-05-16 10:01:57 UTC
All affected versions masked. No cleanup (toolchain).
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-07-06 00:48:16 UTC
GLSA request filed.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2021-07-10 02:52:21 UTC
This issue was resolved and addressed in
 GLSA 202107-24 at https://security.gentoo.org/glsa/202107-24
by GLSA coordinator John Helmert III (ajak).