FS#57561 - [binutils] In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) lib
Attached to Project:
Arch Linux
Opened by Karol Babioch (johnpatcher) - Sunday, 18 February 2018, 07:36 GMT
Last edited by Evangelos Foutras (foutrelis) - Friday, 16 March 2018, 17:18 GMT
Details
CVE-2018-7208
In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.
References: https://nvd.nist.gov/vuln/detail/CVE-2018-7208
Closed by Evangelos Foutras (foutrelis)
Friday, 16 March 2018, 17:18 GMT
Reason for closing: Fixed
Additional comments about closing: binutils 2.29.1-3
Upstream closed via commit https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=eb77f6a4621795367a39cdd30957903af9dbb815