FS#57561 : [binutils] In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) lib

FS#57561 - [binutils] In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) lib

Attached to Project: Arch Linux
Opened by Karol Babioch (johnpatcher) - Sunday, 18 February 2018, 07:36 GMT
Last edited by Evangelos Foutras (foutrelis) - Friday, 16 March 2018, 17:18 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Bartłomiej Piotrowski (Barthalion) Levente Polyak (anthraxx)
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

CVE-2018-7208

In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.

References:
https://nvd.nist.gov/vuln/detail/CVE-2018-7208

This task depends upon

Closed by Evangelos Foutras (foutrelis)
Friday, 16 March 2018, 17:18 GMT
Reason for closing: Fixed
Additional comments about closing: binutils 2.29.1-3

Comment by Eli Schwartz (eschwartz) - Monday, 19 February 2018, 06:31 GMT

Field changed: Status (Unconfirmed → Assigned)
Field changed: Category (Security → Security)
Field changed: Architecture (All → All)
Task assigned to Bartłomiej Piotrowski (Barthalion), Levente Polyak (anthraxx)

https://sourceware.org/bugzilla/show_bug.cgi?id=22741

Upstream closed via commit https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=eb77f6a4621795367a39cdd30957903af9dbb815

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#57561 - [binutils] In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor (BFD) lib

Details

Loading...