ALAS2-2019-1138 --- binutils
ID: oval:org.secpod.oval:def:1700131 | Date: (C)2019-05-30 (M)2023-12-20 | Class: PATCH | Family: unix
An integer wraparound has been discovered in the Binary File Descriptor library distributed in GNU Binutils up to version 2.30. An attacker could cause a crash by providing an ELF file with corrupted DWARF debug information.

The ignore_section_sym function in elf.c in the Binary File Descriptor library, as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service via a crafted file, as demonstrated by objcopy.

The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.

concat_filename in dwarf2.c in the Binary File Descriptor library, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service via a crafted binary file, as demonstrated by nm-new.

The elf_object_p function in elfcode.h in the Binary File Descriptor library, as distributed in GNU Binutils 2.29.1, has an unsigned integer overflow because bfd_size_type multiplication is not used. A crafted ELF file allows remote attackers to cause a denial of service or possibly have unspecified other impact.

An integer wraparound has been discovered in the Binary File Descriptor library distributed in GNU Binutils up to version 2.30. An attacker could cause a crash by providing an ELF file with corrupted DWARF debug information.

The Binary File Descriptor library, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.

process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service via a crafted binary file, as demonstrated by readelf.

In the coff_pointerize_aux function in coffgen.c in the Binary File Descriptor library, as distributed in GNU Binutils 2.30, an index is not validated, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted file, as demonstrated by objcopy of a COFF object.