Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 761957 (CVE-2020-35448) - <sys-devel/binutils-2.35.2: heap buffer overflow (CVE-2020-35448)
Summary: <sys-devel/binutils-2.35.2: heap buffer overflow (CVE-2020-35448)
Status: RESOLVED FIXED
Alias: CVE-2020-35448
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa+ cve]
Keywords:
Depends on: 779805
Blocks: CVE-2019-9070, CVE-2019-9071, CVE-2019-9072, CVE-2019-9073, CVE-2019-9074, CVE-2019-9075, CVE-2019-9076, CVE-2019-9077, CVE-2020-16590, CVE-2020-16591, CVE-2020-16593, CVE-2020-16598, CVE-2020-19599
  Show dependency tree
 
Reported: 2020-12-27 18:44 UTC by John Helmert III
Modified: 2021-07-10 02:52 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2020-12-27 18:44:52 UTC
CVE-2020-35448 (https://sourceware.org/bugzilla/show_bug.cgi?id=26574):

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.


Patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8642dafaef21aa6747cec01df1977e9c52eb4679

I don't see this patch in any release.
Comment 1 Andreas K. Hüttel archtester gentoo-dev 2021-01-23 18:41:36 UTC
Cherry-picked for 2.35.1 patchset 3
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2021-04-17 23:09:05 UTC
(In reply to Andreas K. Hüttel from comment #1)
> Cherry-picked for 2.35.1 patchset 3

Also cherry-picked for 2.35.2 patchset 1, fixed in sys-devel/binutils/2.35.2
Comment 3 Larry the Git Cow gentoo-dev 2021-05-16 10:01:15 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7c7bf9cf98bc2f32234865faf2c352c16362334

commit b7c7bf9cf98bc2f32234865faf2c352c16362334
Author:     Andreas K. Hüttel <dilfridge@gentoo.org>
AuthorDate: 2021-05-16 10:00:08 +0000
Commit:     Andreas K. Hüttel <dilfridge@gentoo.org>
CommitDate: 2021-05-16 10:01:04 +0000

    package.mask: Extend binutils mask to <2.35.2
    
    Bug: https://bugs.gentoo.org/761957
    Bug: https://bugs.gentoo.org/678806
    Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

 profiles/package.mask | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Comment 4 Andreas K. Hüttel archtester gentoo-dev 2021-05-16 10:01:57 UTC
All affected versions masked. No cleanup (toolchain).
Comment 5 John Helmert III gentoo-dev Security 2021-07-06 00:48:16 UTC
GLSA request filed.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2021-07-10 02:52:21 UTC
This issue was resolved and addressed in
 GLSA 202107-24 at https://security.gentoo.org/glsa/202107-24
by GLSA coordinator John Helmert III (ajak).