CVE-2017-14974 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14974):

The *_get_synthetic_symtab functions in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandle the failure of a certain canonicalization step, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ELF file, related to elf32-i386.c and elf64-x86-64.c.

References:
https://sourceware.org/bugzilla/show_bug.cgi?id=22163
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e70c19e3a4c26e9c1ebf0c9170d105039b56d7cf
@maintainer(s), patches 3/4 from upstream... other patch is changelog update so not reporting here. Though it can be found in $URL if needed.

(In reply to Aleksandr Wagner (Kivak) from comment #0)
> https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e70c19e3a4c26e9c1ebf0c9170d105039b56d7cf

commit e70c19e3a4c26e9c1ebf0c9170d105039b56d7cf
* x86: Return -1 if bfd_canonicalize_dynamic_reloc returns 0
* Stop if bfd_canonicalize_dynamic_reloc returns 0.

cherry picked from commit b69e9267d15a09ce3f3d4599eae2952dfc6df502

* elf32-i386.c (elf_i386_get_synthetic_symtab): Also return -1 if bfd_canonicalize_dynamic_reloc returns 0.
* elf64-x86-64.c (elf_x86_64_get_synthetic_symtab)

Gentoo Security Padawan Daj Uan (jmbailey/mbailey_j)
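The failure mode named in the CVE text and the fix summarized in the commit message above, as an added example that is not binutils code and not part of this thread. It is a simplified C model: `struct reloc`, `canonicalize_relocs` and both `first_name_len_*` functions are hypothetical stand-ins, and the pre-fix check (`< 0` only) is an assumption.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_RELOCS 8

struct reloc { const char *sym_name; };   /* hypothetical, not a BFD type */

/* Hypothetical canonicalization step: returns the number of entries stored
   in out[], 0 when the input yields none, -1 on error. With a result of 0,
   out[0] holds only the NULL terminator. */
static long canonicalize_relocs(const char **names, long n,
                                struct reloc *store, struct reloc **out)
{
    long count = 0;
    if (names == NULL || n > MAX_RELOCS)
        return -1;
    for (long i = 0; i < n; i++) {
        if (names[i] == NULL)             /* entry rejected by the parser */
            continue;
        store[count].sym_name = names[i];
        out[count] = &store[count];
        count++;
    }
    out[count] = NULL;
    return count;
}

/* Before (assumed shape): only a negative result counts as failure, so a
   count of 0 falls through and relocs[0], which is NULL, is dereferenced. */
static long first_name_len_before(const char **names, long n)
{
    struct reloc store[MAX_RELOCS], *relocs[MAX_RELOCS + 1];
    long count = canonicalize_relocs(names, n, store, relocs);
    if (count < 0)
        return -1;
    return (long) strlen(relocs[0]->sym_name);
}

/* After: "also return -1" when the step returns 0, before any entry is used. */
static long first_name_len_after(const char **names, long n)
{
    struct reloc store[MAX_RELOCS], *relocs[MAX_RELOCS + 1];
    long count = canonicalize_relocs(names, n, store, relocs);
    if (count <= 0)
        return -1;
    return (long) strlen(relocs[0]->sym_name);
}

int main(void)
{
    const char *empty[] = { NULL, NULL };  /* constructed input: zero usable entries */
    printf("after, empty input: %ld\n", first_name_len_after(empty, 2));
    return 0;
}
```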
@Kivak, ah my apologies sir, just realized the patch you provided is the same as the other one. @maintainer(s), there are 3 total patches, not 4; the fourth is the Changelog.
Patch added to gentoo/binutils-2.29.1 branch
Fixed in 2.29.1-r1
All affected versions are masked. No further cleanup (toolchain package). Nothing to do for toolchain here anymore. Please proceed.
Added to existing GLSA request. Gentoo Security Padawan (Jmbailey/mbailey_j)
This issue was resolved and addressed in GLSA 201801-01 at https://security.gentoo.org/glsa/201801-01 by GLSA coordinator Aaron Bauman (b-man).