Description: "An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability."
Patch: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1cfcf3004e1830f8fe9112cfcd15285508d2c2b7
Which release is this in?
$ git clone git://sourceware.org/git/binutils-gdb.git $ cd binutils-gdb $ git log binutils-2_36 --oneline | grep "PR27290, PR27293, PR27295" $ git log binutils-2_36_1 --oneline | grep "PR27290, PR27293, PR27295" $ git log master --oneline | grep "PR27290, PR27293, PR27295" 1cfcf3004e1 PR27290, PR27293, PR27295, various avr objdump fixes
for convenience $ git format-patch 1cfcf3004e1~1..1cfcf3004e1 0001-PR27290-PR27293-PR27295-various-avr-objdump-fixes.patch
* CVE-2021-3530 Description: "A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash."
Package list is empty or all packages have requested keywords.
CVE-2021-3530 A flaw was discovered in GNU libiberty within demangle_path() in rust-demangle.c, as distributed in GNU Binutils version 2.36. A crafted symbol can cause stack memory to be exhausted leading to a crash. https://bugzilla.redhat.com/show_bug.cgi?id=1956423 I assume this is https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99935 (which is fixed in binutils-2.37) CVE-2021-3549 An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. https://sourceware.org/bugzilla/show_bug.cgi?id=27294 Fixed in binutils-2.37
Please cleanup.
(In reply to John Helmert III from comment #13) > Please cleanup. Er, sorry, this is toolchain@ so please handle as necessary :)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=53686a56f9eaa50e8f549c92578a181d590c812f commit 53686a56f9eaa50e8f549c92578a181d590c812f Author: Andreas K. Hüttel <dilfridge@gentoo.org> AuthorDate: 2021-10-10 22:20:12 +0000 Commit: Andreas K. Hüttel <dilfridge@gentoo.org> CommitDate: 2021-10-10 22:20:55 +0000 package.mask: extend binutils mask to <2.37_p1 Bug: https://bugs.gentoo.org/792342 Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org> profiles/package.mask | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
No cleanup, but all affected are masked now.
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=1d8cf0a3e06fbdd4dd76f179edfa141b674a0968 commit 1d8cf0a3e06fbdd4dd76f179edfa141b674a0968 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 21:47:19 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-08-14 21:48:21 +0000 [ GLSA 202208-30 ] GNU Binutils: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/778545 Bug: https://bugs.gentoo.org/792342 Bug: https://bugs.gentoo.org/829304 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202208-30.xml | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+)
GLSA done, all done.
