Bug 624524 (CVE-2017-9742) - <sys-devel/binutils-2.28.1: stack overflow in score_opcodes function (CVE-2017-9742)
Status: RESOLVED FIXED
Alias: CVE-2017-9742
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: A3 [glsa cve]
Reported: 2017-07-11 05:47 UTC by Aleksandr Wagner (Kivak)
Modified: 2017-09-17 15:32 UTC
Package list:
=sys-devel/binutils-2.28.1
Runtime testing required: Yes
stable-bot: sanity-check+

Description Aleksandr Wagner (Kivak) 2017-07-11 05:47:11 UTC
The score_opcodes function in opcodes/score7-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by mishandling of this file during "objdump -D" execution.

CVE Details:
https://nvd.nist.gov/vuln/detail/CVE-2017-9742

Upstream bug:

https://sourceware.org/bugzilla/show_bug.cgi?id=21576

Upstream patch:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e64519d1ed7fd8f990f05a5562d5b5c0c44b7d7e
Comment 1 Aleksandr Wagner (Kivak) 2017-07-11 06:49:20 UTC
Sorry everyone, I have made a mistake. This vulnerability does not exist in the sys-libs/binutils-libs, it is actually located in the sys-devel/binutils package.
Comment 2 Matthias Maier gentoo-dev 2017-08-02 00:14:29 UTC
Security please assign rating.


commit cf5003fe2fc3b45f366d0a3c6fdf834ed9d54321
Author: Matthias Maier <tamiko@gentoo.org>
Date:   Tue Aug 1 19:05:14 2017 -0500

    sys-devel/binutils: version bump to 2.28.1, patchset 1.0
    
    Includes fixes for bugs #622036 #622500 #622886 #624524 #624702
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.3
Comment 3 Aaron Bauman (RETIRED) gentoo-dev 2017-08-06 18:06:44 UTC
@arches, please stabilize.
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2017-08-06 20:27:56 UTC
Should also include binutils-libs?
Comment 5 Sergei Trofimovich (RETIRED) gentoo-dev 2017-08-07 07:41:02 UTC
ia64 stable
Comment 6 Markus Meier gentoo-dev 2017-08-08 20:40:50 UTC
arm stable
Comment 7 Gleb 2017-08-12 14:53:00 UTC
The same bug is again the issue:
https://bugs.gentoo.org/show_bug.cgi?id=612436

Is there anything that can be done to prevent it?
Comment 8 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2017-08-25 21:31:35 UTC
amd64 stable
Comment 9 Matt Turner gentoo-dev 2017-08-25 22:35:06 UTC
alpha stable
Comment 10 Matt Turner gentoo-dev 2017-08-29 19:47:52 UTC
ppc stable
Comment 11 Matt Turner gentoo-dev 2017-08-29 19:48:04 UTC
ppc64 stable
Comment 12 Thomas Deutschmann (RETIRED) gentoo-dev 2017-08-29 20:50:55 UTC
I run into test failures while trying to stabilize on x86, see bug 629326. Please tell me how to proceed.
Comment 13 Sergei Trofimovich (RETIRED) gentoo-dev 2017-09-07 21:02:35 UTC
sparc stable (thanks to Dakon)
Comment 14 Thomas Deutschmann (RETIRED) gentoo-dev 2017-09-11 21:02:38 UTC
x86 stable
Comment 15 Sergei Trofimovich (RETIRED) gentoo-dev 2017-09-14 08:28:23 UTC
stable for hppa (thanks to Rolf Eike Beer)

Last arch is done here!
Comment 16 Aleksandr Wagner (Kivak) 2017-09-14 13:23:10 UTC
@Maintainer(s): Please clean the vulnerable versions from the tree.
Comment 17 Andreas K. Hüttel archtester gentoo-dev 2017-09-15 19:01:48 UTC
All vulnerable versions are masked. No cleanup (toolchain package).
Comment 18 GLSAMaker/CVETool Bot gentoo-dev 2017-09-17 15:32:04 UTC
This issue was resolved and addressed in
 GLSA 201709-02 at https://security.gentoo.org/glsa/201709-02
by GLSA coordinator Aaron Bauman (b-man).