Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 628538 (CVE-2017-12967) - <sys-devel/binutils-2.29.1 : stack overflow in getsym (CVE-2017-12967)
Summary: <sys-devel/binutils-2.29.1 : stack overflow in getsym (CVE-2017-12967)
Status: RESOLVED FIXED
Alias: CVE-2017-12967
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://sourceware.org/bugzilla/show_...
Whiteboard: A3 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-21 18:08 UTC by D'juan McDonald (domhnall)
Modified: 2018-01-07 23:11 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 D'juan McDonald (domhnall) 2017-08-21 18:17:55 UTC
The getsym function in tekhex.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a malformed tekhex binary.

CVE Details: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12967
Comment 2 D'juan McDonald (domhnall) 2017-08-22 08:35:12 UTC
Comment 4  cvs-commit@gcc.gnu.org      2017-08-18 07:47:42 UTC  
The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=de25939739ffe9a9ad7cec07a35bb2a1e430fe39

commit de25939739ffe9a9ad7cec07a35bb2a1e430fe39
Author: Nick Clifton <nickc@redhat.com>
Date:   Fri Aug 18 08:45:12 2017 +0100

    Fix buffer overrun parsing a corrupt tekhex binary.
    
        PR binutils/21962
        * tekhex.c (getsym): Fix check for source pointer walking off the
        end of the input buffer.
Comment 5  cvs-commit@gcc.gnu.org      2017-08-18 07:50:27 UTC  
The binutils-2_29-branch branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ebe412a7186f1acbc5753d3236f3cab4999f7b90

commit ebe412a7186f1acbc5753d3236f3cab4999f7b90
Author: Nick Clifton <nickc@redhat.com>
Date:   Fri Aug 18 08:47:16 2017 +0100

    Fix buffer overrun when parsing a corrupt tekhex binary.
    
        PR binutils/21962
        * tekhex.c (getsym): Fix check for source pointer walking off the
        end of the input buffer.


@Security, can we handle this? toolchain is already loaded. 

I have a local repo of gentoo, fyi.
Comment 3 D'juan McDonald (domhnall) 2017-08-22 08:57:23 UTC
@maintainer(s),please test, then follow procedure to close this report.Thank You

Daj'Uan (mbailey_j)
Gentoo Security Scout
Comment 4 Andreas K. Hüttel gentoo-dev 2017-12-27 22:50:34 UTC
All affected versions are masked. No further cleanup (toolchain package). 

Nothing to do for toolchain here anymore. Please proceed.
Comment 5 D'juan McDonald (domhnall) 2018-01-05 06:44:44 UTC
Added to existing GLSA request.


Gentoo Security Padawan
(Jmbailey/mbailey_j)
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2018-01-07 23:11:20 UTC
This issue was resolved and addressed in
 GLSA 201801-01 at https://security.gentoo.org/glsa/201801-01
by GLSA coordinator Aaron Bauman (b-man).