(https://nvd.nist.gov/vuln/detail/CVE-2019-9077): An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24243 (https://nvd.nist.gov/vuln/detail/CVE-2019-9076): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c. Note: upstream ruling as normal behavior and WONTFIX https://sourceware.org/bugzilla/show_bug.cgi?id=24238 (https://nvd.nist.gov/vuln/detail/CVE-2019-9075): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24236 (https://nvd.nist.gov/vuln/detail/CVE-2019-9074): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24235 (https://nvd.nist.gov/vuln/detail/CVE-2019-9073): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c. Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24233 (https://nvd.nist.gov/vuln/detail/CVE-2019-9072): An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c. Upstream Reference: (WONTFIX) https://sourceware.org/bugzilla/show_bug.cgi?id=24232 (https://nvd.nist.gov/vuln/detail/CVE-2019-9071): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls. Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24227 (https://nvd.nist.gov/vuln/detail/CVE-2019-9070): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls. Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24229 Gentoo Security Padawan (domhnall)
> (https://nvd.nist.gov/vuln/detail/CVE-2019-9077): > An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer > overflow in process_mips_specific in readelf.c via a malformed MIPS option > section. > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24243 Fixed in Gentoo 2.32 branch, will be in patchset 3 > (https://nvd.nist.gov/vuln/detail/CVE-2019-9076): > An issue was discovered in the Binary File Descriptor (BFD) library (aka > libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive > memory allocation in elf_read_notes in elf.c. > > Note: upstream ruling as normal behavior and WONTFIX > https://sourceware.org/bugzilla/show_bug.cgi?id=24238 No action. > (https://nvd.nist.gov/vuln/detail/CVE-2019-9075): > An issue was discovered in the Binary File Descriptor (BFD) library (aka > libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer > overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24236 Fixed in Gentoo 2.32 branch, will be in patchset 3 > (https://nvd.nist.gov/vuln/detail/CVE-2019-9074): > An issue was discovered in the Binary File Descriptor (BFD) library (aka > libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read > leading to a SEGV in bfd_getl32 in libbfd.c, when called from > pex64_get_runtime_function in pei-x86_64.c. > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24235 Fixed in Gentoo 2.32 branch, will be in patchset 3 > (https://nvd.nist.gov/vuln/detail/CVE-2019-9073): > An issue was discovered in the Binary File Descriptor (BFD) library (aka > libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive > memory allocation in _bfd_elf_slurp_version_tables in elf.c. > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24233 Fixed in Gentoo 2.32 branch, will be in patchset 3 > (https://nvd.nist.gov/vuln/detail/CVE-2019-9072): > An issue was discovered in the Binary File Descriptor (BFD) library (aka > libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive > memory allocation in setup_group in elf.c. > > Upstream Reference: (WONTFIX) > https://sourceware.org/bugzilla/show_bug.cgi?id=24232 Upstream not-a-bug > (https://nvd.nist.gov/vuln/detail/CVE-2019-9071): > An issue was discovered in GNU libiberty, as distributed in GNU Binutils > 2.32. It is a stack consumption issue in d_count_templates_scopes in > cp-demangle.c after many recursive calls. > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24227 Problem is in libiberty > (https://nvd.nist.gov/vuln/detail/CVE-2019-9070): > An issue was discovered in GNU libiberty, as distributed in GNU Binutils > 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c > after many recursive calls. > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24229 Problem is in libiberty
(In reply to Andreas K. Hüttel from comment #1) > > (https://nvd.nist.gov/vuln/detail/CVE-2019-9071): > > An issue was discovered in GNU libiberty, as distributed in GNU Binutils > > 2.32. It is a stack consumption issue in d_count_templates_scopes in > > cp-demangle.c after many recursive calls. > > > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24227 > > Problem is in libiberty > Fixed in binutils 2.35 (upcoming): https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394#c10 > > > (https://nvd.nist.gov/vuln/detail/CVE-2019-9070): > > An issue was discovered in GNU libiberty, as distributed in GNU Binutils > > 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c > > after many recursive calls. > > > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24229 > > Problem is in libiberty Seems to be same as above, fixed in 2.35.
(In reply to Sam James from comment #2) > Fixed in binutils 2.35 (upcoming): Binutils 2.35 is now available: https://sourceware.org/pipermail/binutils/2020-July/112530.html
> > (https://nvd.nist.gov/vuln/detail/CVE-2019-9076): > > An issue was discovered in the Binary File Descriptor (BFD) library (aka > > libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive > > memory allocation in elf_read_notes in elf.c. > > > > Note: upstream ruling as normal behavior and WONTFIX > > https://sourceware.org/bugzilla/show_bug.cgi?id=24238 > > No action. Still no action. Recommend ignoring this CVE. > > (https://nvd.nist.gov/vuln/detail/CVE-2019-9072): > > An issue was discovered in the Binary File Descriptor (BFD) library (aka > > libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive > > memory allocation in setup_group in elf.c. > > > > Upstream Reference: (WONTFIX) > > https://sourceware.org/bugzilla/show_bug.cgi?id=24232 > > Upstream not-a-bug Still no action. Recommend ignoring this CVE. (In reply to Sam James from comment #2) > (In reply to Andreas K. Hüttel from comment #1) > > > (https://nvd.nist.gov/vuln/detail/CVE-2019-9071): > > > An issue was discovered in GNU libiberty, as distributed in GNU Binutils > > > 2.32. It is a stack consumption issue in d_count_templates_scopes in > > > cp-demangle.c after many recursive calls. > > > > > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24227 > > > > Problem is in libiberty > > Fixed in binutils 2.35 (upcoming): > https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394#c10 Yep, fixed in binutils-2.35 Too big for backporting. > > > (https://nvd.nist.gov/vuln/detail/CVE-2019-9070): > > > An issue was discovered in GNU libiberty, as distributed in GNU Binutils > > > 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c > > > after many recursive calls. > > > > > > Upstream Reference: https://sourceware.org/bugzilla/show_bug.cgi?id=24229 > > > > Problem is in libiberty > > Seems to be same as above, fixed in 2.35. Yep, fixed in binutils-2.35 Too big for backporting.
CVE-2020-16590 (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c98a4545dc7bf2bcaf1de539c4eb84784680eaa4): A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.34 in the process_symbol_table, as demonstrated in readelf, via a crafted file. CVE-2020-16591 (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=001890e1f9269697f7e0212430a51479271bdab2): A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.34 due to an invalid read in process_symbol_table, as demonstrated in readeif. CVE-2020-16592 (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7ecb51549ab1ec22aba5aaf34b70323cf0b8509a): A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. CVE-2020-16593 (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aec72fda3b320c36eb99fc1c4cf95b10fc026729): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. CVE-2020-16598 (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ca3f923f82a079dcf441419f4a50a50f8b4b33c2): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in debug_get_real_type, as demonstrated in objdump, that can cause a denial of service via a crafted file. CVE-2020-16599 (https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d55d10ac0d112c586eaceb92e75bd9b80aadcc4): A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. All patches also in the 2.35 release according to Git.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7c7bf9cf98bc2f32234865faf2c352c16362334 commit b7c7bf9cf98bc2f32234865faf2c352c16362334 Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2021-05-16 10:00:08 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2021-05-16 10:01:04 +0000 package.mask: Extend binutils mask to <2.35.2 Bug: https://bugs.gentoo.org/761957 Bug: https://bugs.gentoo.org/678806 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> profiles/package.mask | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
All affected versions masked. No cleanup (toolchain).
GLSA request filed.
This issue was resolved and addressed in GLSA 202107-24 at https://security.gentoo.org/glsa/202107-24 by GLSA coordinator John Helmert III (ajak).
