Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 618004 (CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613) - <dev-libs/elfutils-0.169-r1: multiple vulnerabilities
Summary: <dev-libs/elfutils-0.169-r1: multiple vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A3 [glsa cve]
Keywords:
Depends on:
Blocks: CVE-2016-10255 CVE-2016-10254
  Show dependency tree
 
Reported: 2017-05-09 18:09 UTC by Agostino Sarubbo
Modified: 2018-07-28 13:13 UTC (History)
2 users (show)

See Also:
Package list:
dev-libs/elfutils-0.169-r1
Runtime testing required: ---
stable-bot: sanity-check+


Attachments
CVE-2017-7607.patch (CVE-2017-7607.patch,1.12 KB, patch)
2017-06-24 00:16 UTC, Andrey Ovcharov
no flags Details | Diff
CVE-2017-7608.patch (CVE-2017-7608.patch,3.76 KB, patch)
2017-06-24 00:17 UTC, Andrey Ovcharov
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2017-05-16 06:41:32 UTC
CVE-2017-7613 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7613):
  elflint.c in elfutils 0.168 does not validate the number of sections and the
  number of segments, which allows remote attackers to cause a denial of
  service (memory consumption) via a crafted ELF file.

CVE-2017-7612 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7612):
  The check_sysv_hash function in elflint.c in elfutils 0.168 allows remote
  attackers to cause a denial of service (heap-based buffer over-read and
  application crash) via a crafted ELF file.

CVE-2017-7611 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7611):
  The check_symtab_shndx function in elflint.c in elfutils 0.168 allows remote
  attackers to cause a denial of service (heap-based buffer over-read and
  application crash) via a crafted ELF file.

CVE-2017-7610 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7610):
  The check_group function in elflint.c in elfutils 0.168 allows remote
  attackers to cause a denial of service (heap-based buffer over-read and
  application crash) via a crafted ELF file.

CVE-2017-7609 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7609):
  elf_compress.c in elfutils 0.168 does not validate the zlib compression
  factor, which allows remote attackers to cause a denial of service (memory
  consumption) via a crafted ELF file.

CVE-2017-7608 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7608):
  The ebl_object_note_type_name function in eblobjnotetypename.c in elfutils
  0.168 allows remote attackers to cause a denial of service (heap-based
  buffer over-read and application crash) via a crafted ELF file.

CVE-2017-7607 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7607):
  The handle_gnu_hash function in readelf.c in elfutils 0.168 allows remote
  attackers to cause a denial of service (heap-based buffer over-read and
  application crash) via a crafted ELF file.
Comment 2 Manuel Rüger (RETIRED) gentoo-dev 2017-05-24 13:17:34 UTC
Added elfutils-0.169, arch teams please test and stabilize it.

Keywords for dev-libs/elfutils:
         |                                 |   u   |  
         | a a         p s   a     n r     |   n   |  
         | l m   h i   p p   r m m i i s   | e u s | r
         | p d a p a p c a x m i 6 o s 3   | a s l | e
         | h 6 r p 6 p 6 r 8 6 p 8 s c 9 s | p e o | p
         | a 4 m a 4 c 4 c 6 4 s k 2 v 0 h | i d t | o
---------+---------------------------------+-------+-------
[I]0.166 | + + + + + + + + + + ~ + o o + + | 5 o 0 | gentoo
   0.167 | ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ o o ~ ~ | 5 #   | gentoo
   0.168 | ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ o o ~ ~ | 5 #   | gentoo
   0.169 | ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ o o ~ ~ | 6 o   | gentoo
Comment 3 Michael Weber (RETIRED) gentoo-dev 2017-05-25 23:06:17 UTC
Package list?!
Comment 4 Manuel Rüger (RETIRED) gentoo-dev 2017-05-28 21:16:15 UTC
Please stabilize 0.169-r1 (it was revbumped straight to stable for https://bugs.gentoo.org/show_bug.cgi?id=619658 )
Comment 5 Markus Meier gentoo-dev 2017-06-01 04:33:42 UTC
arm stable
Comment 6 Sergei Trofimovich gentoo-dev 2017-06-18 21:09:26 UTC
ia64 stable

Single test fails (ia64-specific), but its not a regression. tracked in bug #501630
Comment 7 Andrey Ovcharov 2017-06-24 00:16:44 UTC
Created attachment 477754 [details, diff]
CVE-2017-7607.patch
Comment 8 Andrey Ovcharov 2017-06-24 00:17:10 UTC
Created attachment 477756 [details, diff]
CVE-2017-7608.patch
Comment 9 Agostino Sarubbo gentoo-dev 2017-07-13 09:31:54 UTC
test failures do not block security issues
Comment 10 Tobias Klausmann gentoo-dev 2017-07-15 09:59:26 UTC
Stable on alpha.
Comment 11 Tobias Klausmann gentoo-dev 2017-07-15 10:05:54 UTC
(In reply to Tobias Klausmann from comment #10)
> Stable on alpha.

Bullshit. Amd64 stable.
Comment 12 Tobias Klausmann gentoo-dev 2017-07-16 11:11:39 UTC
Stable on alpha.
Comment 13 Thomas Deutschmann gentoo-dev Security 2017-08-18 21:03:32 UTC
x86 stable
Comment 15 Sergei Trofimovich gentoo-dev 2017-09-15 20:39:54 UTC
stable for hppa (thanks to Rolf Eike Beer)
Comment 16 Sergei Trofimovich gentoo-dev 2017-09-25 21:52:03 UTC
ppc stable
Comment 17 Sergei Trofimovich gentoo-dev 2017-09-26 08:59:12 UTC
ppc64 stable
Comment 18 Andreas K. Hüttel gentoo-dev 2017-10-03 20:06:55 UTC
All stable arches done.
Comment 19 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-10-03 20:20:12 UTC
(In reply to Andreas K. Hüttel from comment #18)
> All stable arches done.

Awesome, thank you all.

@Security please vote

Gentoo Security Padawan 
Christopher Díaz Riveros
Comment 20 Andreas K. Hüttel gentoo-dev 2017-10-04 10:50:03 UTC
Cleanup done. Toolchain out.
Comment 21 GLSAMaker/CVETool Bot gentoo-dev 2017-10-13 22:33:25 UTC
This issue was resolved and addressed in
 GLSA 201710-10 at https://security.gentoo.org/glsa/201710-10
by GLSA coordinator Aaron Bauman (b-man).
Comment 22 Sergei Trofimovich gentoo-dev 2017-12-13 20:11:46 UTC
sparc stable (thanks to Rolf Eike Beer)