Summary: | <sys-devel/binutils-2.30-r2: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | A3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 655574 | ||
Bug Blocks: | 634196, 637642, 639692, 639768, 647798, 649690 |
Description
GLSAMaker/CVETool Bot
2018-03-26 13:31:18 UTC
(In reply to GLSAMaker/CVETool Bot from comment #0) > CVE-2018-8945 (https://nvd.nist.gov/vuln/detail/CVE-2018-8945): > The bfd_section_from_shdr function in elf.c in the Binary File Descriptor > (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows > remote attackers to cause a denial of service (segmentation fault) via a > large attribute section. No fix committed upstream yet. > CVE-2018-7643 (https://nvd.nist.gov/vuln/detail/CVE-2018-7643): > The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows > remote attackers to cause a denial of service (integer overflow and > application crash) or possibly have unspecified other impact via a crafted > ELF file, as demonstrated by objdump. Fix queued for binutils 2.30 patchset 2 (backport from upstream master) > CVE-2018-7570 (https://nvd.nist.gov/vuln/detail/CVE-2018-7570): > The assign_file_positions_for_non_load_sections function in elf.c in the > Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU > Binutils 2.30, allows remote attackers to cause a denial of service (NULL > pointer dereference and application crash) via an ELF file with a RELRO > segment that lacks a matching LOAD segment, as demonstrated by objcopy. Nontrivial backport from upstream master, deferred > CVE-2018-7569 (https://nvd.nist.gov/vuln/detail/CVE-2018-7569): > dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as > distributed in GNU Binutils 2.30, allows remote attackers to cause a denial > of service (integer underflow or overflow, and application crash) via an > ELF > file with a corrupt DWARF FORM block, as demonstrated by nm. Fix queued for binutils 2.30 patchset 2 (backport from upstream master) > CVE-2018-7568 (https://nvd.nist.gov/vuln/detail/CVE-2018-7568): > The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) > library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote > attackers to cause a denial of service (integer overflow and application > crash) via an ELF file with corrupt dwarf1 debug information, as > demonstrated by nm. Fix queued for binutils 2.30 patchset 2 (backport from upstream master) > CVE-2018-7208 (https://nvd.nist.gov/vuln/detail/CVE-2018-7208): > In the coff_pointerize_aux function in coffgen.c in the Binary File > Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, > an index is not validated, which allows remote attackers to cause a denial > of service (segmentation fault) or possibly have unspecified other impact > via a crafted file, as demonstrated by objcopy of a COFF object. Fix queued for binutils 2.30 patchset 2 (backport from upstream master) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c7fe7564dc60dd6caa3afd787728acb43fc7abe commit 8c7fe7564dc60dd6caa3afd787728acb43fc7abe Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2018-04-29 20:07:56 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2018-04-29 20:08:06 +0000 sys-devel/binutils: Revision bump (no keywords), 2.30 patchset 2 Bug: https://bugs.gentoo.org/502492 Bug: https://bugs.gentoo.org/647798 Bug: https://bugs.gentoo.org/647296 Bug: https://bugs.gentoo.org/649690 Bug: https://bugs.gentoo.org/651576 Package-Manager: Portage-2.3.31, Repoman-2.3.9 sys-devel/binutils/Manifest | 1 + sys-devel/binutils/binutils-2.30-r2.ebuild | 417 +++++++++++++++++++++++++++++ 2 files changed, 418 insertions(+)} Nothing to do for toolchain here anymore. |