Debian Security Advisory
DLA-324-1 binutils -- LTS security update
- Date Reported:
- 02 Oct 2015
- Affected Packages:
- binutils
- Vulnerable:
- Yes
- Security database references:
- In the Debian bugtracking system: Bug 688951.
In Mitre's CVE dictionary: CVE-2012-3509. - More information:
-
This update fixes several issues as described below.
- PR ld/12613 (no CVE assigned)
Niranjan Hasabnis discovered that passing an malformed linker script to GNU ld, part of binutils, may result in a stack buffer overflow. If the linker is used with untrusted object files, this would allow remote attackers to cause a denial of service (crash) or possibly privilege escalation.
- CVE-2012-3509, #688951
Sang Kil Cha discovered that a buffer size calculation in libiberty, part of binutils, may result in integer overflow and then a heap buffer overflow. If libiberty or the commands in binutils are used to read untrusted binaries, this would allow remote attackers to cause a denial of service (crash) or possibly privilege escalation.
- PR binutils/18750 (no CVE assigned)
Joshua Rogers reported that passing a malformed ihex (Intel hexadecimal) file to to various commands in binutils may result in a stack buffer overflow. A similar issue was found in readelf. If these commands are used to read untrusted binaries, this would allow remote attackers to cause a denial of service (crash) or possibly privilege escalation.
For the oldoldstable distribution (squeeze), these problems have been fixed in version 2.20.1-16+deb6u2.
For the oldstable distribution (wheezy) and the stable distribution (jessie), PR ld/12613 and CVE-2012-3509 were fixed before release, and PR binutils/18750 will be fixed in a later update.
- PR ld/12613 (no CVE assigned)