The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.

Fix/commit:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=116acb2c268c89c89186673a7c92620d21825b25

- Gentoo Security Padawan -

(In reply to Demetris Nakos from comment #0)
> The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor
> (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows
> remote attackers to cause a denial of service (aout_32_swap_std_reloc_out
> NULL pointer dereference and application crash) via a crafted ELF file, as
> demonstrated by objcopy.
>
> Fix/commit:
> https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commitdiff;h=116acb2c268c89c89186673a7c92620d21825b25
>
> - Gentoo Security Padawan -

Fix queued for binutils 2.30 patchset 2

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8c7fe7564dc60dd6caa3afd787728acb43fc7abe

commit 8c7fe7564dc60dd6caa3afd787728acb43fc7abe
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2018-04-29 20:07:56 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2018-04-29 20:08:06 +0000

    sys-devel/binutils: Revision bump (no keywords), 2.30 patchset 2

    Bug: https://bugs.gentoo.org/502492
    Bug: https://bugs.gentoo.org/647798
    Bug: https://bugs.gentoo.org/647296
    Bug: https://bugs.gentoo.org/649690
    Bug: https://bugs.gentoo.org/651576
    Package-Manager: Portage-2.3.31, Repoman-2.3.9

 sys-devel/binutils/Manifest                | 1 +
 sys-devel/binutils/binutils-2.30-r2.ebuild | 417 +++++++++++++++++++++++++++++
 2 files changed, 418 insertions(+)

This issue was resolved and addressed in GLSA 201811-17 at https://security.gentoo.org/glsa/201811-17 by GLSA coordinator Aaron Bauman (b-man).