| Summary: | <sys-devel/binutils-2.30 : Multiple vulnerabilities | | |
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | toolchain |
| Priority: | Normal | | |
| Version: | unspecified | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | A3 [glsa+ cve] | | |
| Package list: | | Runtime testing required: | --- |
| Bug Depends on: | 651576, 655574 | | |
| Bug Blocks: | | | |

Description
GLSAMaker/CVETool Bot
2017-12-04 14:05:28 UTC

(In reply to GLSAMaker/CVETool Bot from comment #0)
> CVE-2017-17126 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17126):
> The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows
> remote attackers to cause a denial of service (invalid memory access and
> application crash) or possibly have unspecified other impact via an ELF file
> that lacks section headers.

In upstream master
Patch does not trivially apply to 2.29.1 branch

> CVE-2017-17125 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17125):
> nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols,
> which allows remote attackers to cause a denial of service
> (_bfd_elf_get_symbol_version_string buffer over-read and application crash)
> or possibly have unspecified other impact via a crafted ELF file.

In upstream master
Patch added to gentoo/2.29.1 branch for patchlevel 4

> CVE-2017-17124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17124):
> The _bfd_coff_read_string_table function in coffgen.c in the Binary File
> Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils
> 2.29.1, does not properly validate the size of the external string table,
> which allows remote attackers to cause a denial of service (excessive memory
> consumption, or heap-based buffer overflow and application crash) or
> possibly have unspecified other impact via a crafted COFF binary.

In upstream master
Patch added to gentoo/2.29.1 branch for patchlevel 4

> CVE-2017-17123 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17123):
> The coff_slurp_reloc_table function in coffcode.h in the Binary File
> Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils
> 2.29.1, allows remote attackers to cause a denial of service (NULL pointer
> dereference and application crash) via a crafted COFF based file.

In upstream master
Patch added to gentoo/2.29.1 branch for patchlevel 4

> CVE-2017-17122 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17122):
> The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does
> not check for reloc count integer overflows, which allows remote attackers
> to cause a denial of service (excessive memory allocation, or heap-based
> buffer overflow and application crash) or possibly have unspecified other
> impact via a crafted PE file.

In upstream master
Patch added to gentoo/2.29.1 branch for patchlevel 4

> CVE-2017-17121 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17121):
> The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU
> Binutils 2.29.1, allows remote attackers to cause a denial of service
> (memory access violation) or possibly have unspecified other impact via a
> COFF binary in which a relocation refers to a location after the end of the
> to-be-relocated section.

In upstream master
Patch added to gentoo/2.29.1 branch for patchlevel 4


(In reply to Andreas K. Hüttel from comment #1)
> (In reply to GLSAMaker/CVETool Bot from comment #0)
> > CVE-2017-17126 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17126):
> > The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows
> > remote attackers to cause a denial of service (invalid memory access and
> > application crash) or possibly have unspecified other impact via an ELF file
> > that lacks section headers.
>
> In upstream master
> Patch does not trivially apply to 2.29.1 branch

Fixed in 2.30

> > CVE-2017-17125 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17125):
> > nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols,
> > which allows remote attackers to cause a denial of service
> > (_bfd_elf_get_symbol_version_string buffer over-read and application crash)
> > or possibly have unspecified other impact via a crafted ELF file.
>
> In upstream master
> Patch added to gentoo/2.29.1 branch for patchlevel 4

Fixed in 2.30

> > CVE-2017-17124 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17124):
> > The _bfd_coff_read_string_table function in coffgen.c in the Binary File
> > Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils
> > 2.29.1, does not properly validate the size of the external string table,
> > which allows remote attackers to cause a denial of service (excessive memory
> > consumption, or heap-based buffer overflow and application crash) or
> > possibly have unspecified other impact via a crafted COFF binary.
>
> In upstream master
> Patch added to gentoo/2.29.1 branch for patchlevel 4

Fixed in 2.30

> > CVE-2017-17123 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17123):
> > The coff_slurp_reloc_table function in coffcode.h in the Binary File
> > Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils
> > 2.29.1, allows remote attackers to cause a denial of service (NULL pointer
> > dereference and application crash) via a crafted COFF based file.
>
> In upstream master
> Patch added to gentoo/2.29.1 branch for patchlevel 4

Fixed in 2.30

> > CVE-2017-17122 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17122):
> > The dump_relocs_in_section function in objdump.c in GNU Binutils 2.29.1 does
> > not check for reloc count integer overflows, which allows remote attackers
> > to cause a denial of service (excessive memory allocation, or heap-based
> > buffer overflow and application crash) or possibly have unspecified other
> > impact via a crafted PE file.
>
> In upstream master
> Patch added to gentoo/2.29.1 branch for patchlevel 4

Fixed in 2.30

> > CVE-2017-17121 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-17121):
> > The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU
> > Binutils 2.29.1, allows remote attackers to cause a denial of service
> > (memory access violation) or possibly have unspecified other impact via a
> > COFF binary in which a relocation refers to a location after the end of the
> > to-be-relocated section.
>
> In upstream master
> Patch added to gentoo/2.29.1 branch for patchlevel 4

Fixed in 2.30


This issue was resolved and addressed in
GLSA 201811-17 at https://security.gentoo.org/glsa/201811-17
by GLSA coordinator Aaron Bauman (b-man).
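
Three of the CVE descriptions quoted in this thread (CVE-2017-17122, CVE-2017-17124, CVE-2017-17121) describe the same root cause: a size, count or offset read from the object file is used without being checked against the file or section it belongs to. The C below is an added illustration of those checks, not code from binutils or from this bug report; all function and parameter names are hypothetical, and the values in `main` are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helpers (not binutils code). Every argument except
   file_size/sec_size is an untrusted value parsed from the input file. */

/* CVE-2017-17122 class: count * entry_size must not wrap, and the table
   must fit in the bytes that remain after table_off. */
static int reloc_table_size(uint64_t count, uint64_t entry_size,
                            uint64_t table_off, uint64_t file_size,
                            size_t *out)
{
    if (entry_size == 0 || table_off > file_size)
        return -1;
    /* Dividing instead of multiplying cannot overflow. */
    if (count > (file_size - table_off) / entry_size)
        return -1;
    if (count * entry_size > SIZE_MAX)
        return -1;
    *out = (size_t)(count * entry_size);
    return 0;
}

/* CVE-2017-17124 class: a COFF string table starts with a 4-byte length
   that counts itself, so a valid length is >= 4 and fits in the file. */
static int strtab_size_ok(uint32_t declared, uint64_t strtab_off,
                          uint64_t file_size)
{
    if (strtab_off > file_size)
        return 0;
    return declared >= 4 && declared <= file_size - strtab_off;
}

/* CVE-2017-17121 class: the bytes a relocation patches, [r_off, r_off+width),
   must lie inside the section being relocated. */
static int reloc_in_section(uint64_t r_off, uint64_t width, uint64_t sec_size)
{
    return width <= sec_size && r_off <= sec_size - width;
}

int main(void)
{
    size_t n = 0;
    /* Constructed inputs: a count chosen so that count * 8 wraps to 8. */
    int rc = reloc_table_size(0x2000000000000001ULL, 8, 100, 1000, &n);
    printf("wrapping reloc count rejected: %s\n", rc == -1 ? "yes" : "no");
    printf("oversized string table rejected: %s\n",
           strtab_size_ok(0xFFFFFFFFu, 900, 1000) ? "no" : "yes");
    printf("reloc past section end rejected: %s\n",
           reloc_in_section(13, 4, 16) ? "no" : "yes");
    return 0;
}
```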