Summary: | <dev-libs/elfutils-0.169-r1: multiple vulnerabilities | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> | ||||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||||
Status: | RESOLVED FIXED | ||||||||
Severity: | minor | CC: | sudormrfhalt, xmw | ||||||
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
||||||
Version: | unspecified | ||||||||
Hardware: | All | ||||||||
OS: | Linux | ||||||||
Whiteboard: | A3 [glsa cve] | ||||||||
Package list: |
dev-libs/elfutils-0.169-r1
|
Runtime testing required: | --- | ||||||
Bug Depends on: | |||||||||
Bug Blocks: | 614002, 614004 | ||||||||
Attachments: |
|
Description
Agostino Sarubbo
2017-05-09 18:09:25 UTC
CVE-2017-7613 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7613): elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. CVE-2017-7612 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7612): The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. CVE-2017-7611 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7611): The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. CVE-2017-7610 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7610): The check_group function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. CVE-2017-7609 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7609): elf_compress.c in elfutils 0.168 does not validate the zlib compression factor, which allows remote attackers to cause a denial of service (memory consumption) via a crafted ELF file. CVE-2017-7608 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7608): The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. CVE-2017-7607 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7607): The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file. Added elfutils-0.169, arch teams please test and stabilize it. Keywords for dev-libs/elfutils: | | u | | a a p s a n r | n | | l m h i p p r m m i i s | e u s | r | p d a p a p c a x m i 6 o s 3 | a s l | e | h 6 r p 6 p 6 r 8 6 p 8 s c 9 s | p e o | p | a 4 m a 4 c 4 c 6 4 s k 2 v 0 h | i d t | o ---------+---------------------------------+-------+------- [I]0.166 | + + + + + + + + + + ~ + o o + + | 5 o 0 | gentoo 0.167 | ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ o o ~ ~ | 5 # | gentoo 0.168 | ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ o o ~ ~ | 5 # | gentoo 0.169 | ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ o o ~ ~ | 6 o | gentoo Package list?! Please stabilize 0.169-r1 (it was revbumped straight to stable for https://bugs.gentoo.org/show_bug.cgi?id=619658 ) arm stable ia64 stable Single test fails (ia64-specific), but its not a regression. tracked in bug #501630 Created attachment 477754 [details, diff]
CVE-2017-7607.patch
Created attachment 477756 [details, diff]
CVE-2017-7608.patch
test failures do not block security issues Stable on alpha. (In reply to Tobias Klausmann from comment #10) > Stable on alpha. Bullshit. Amd64 stable. Stable on alpha. x86 stable sparc was dropped to exp. https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b5901d8f716555a1479f12313a2925fcadd177a9 stable for hppa (thanks to Rolf Eike Beer) ppc stable ppc64 stable All stable arches done. (In reply to Andreas K. Hüttel from comment #18) > All stable arches done. Awesome, thank you all. @Security please vote Gentoo Security Padawan Christopher Díaz Riveros Cleanup done. Toolchain out. This issue was resolved and addressed in GLSA 201710-10 at https://security.gentoo.org/glsa/201710-10 by GLSA coordinator Aaron Bauman (b-man). sparc stable (thanks to Rolf Eike Beer) |