[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 324-1] binutils security update



Package        : binutils
Version        : 2.20.1-16+deb6u2
CVE ID         : CVE-2012-3509
Debian Bug     : 688951

This update fixes several issues as described below.

PR ld/12613 (no CVE assigned)

    Niranjan Hasabnis discovered that passing an malformed linker
    script to GNU ld, part of binutils, may result in a stack buffer
    overflow.  If the linker is used with untrusted object files, this
    would allow remote attackers to cause a denial of service (crash)
    or possibly privilege escalation.

CVE-2012-3509
#688951

    Sang Kil Cha discovered that a buffer size calculation in
    libiberty, part of binutils, may result in integer overflow and
    then a heap buffer overflow.  If libiberty or the commands in
    binutils are used to read untrusted binaries, this would allow
    remote attackers to cause a denial of service (crash) or possibly
    privilege escalation.

PR binutils/18750 (no CVE assigned)

    Joshua Rogers reported that passing a malformed ihex (Intel
    hexadecimal) file to to various commands in binutils may result in
    a stack buffer overflow.  A similar issue was found in readelf.
    If these commands are used to read untrusted binaries, this would
    allow remote attackers to cause a denial of service (crash) or
    possibly privilege escalation.

For the oldoldstable distribution (squeeze), these problems have been
fixed in version 2.20.1-16+deb6u2.

For the oldstable distribution (wheezy) and the stable distribution
(jessie), PR ld/12613 and CVE-2012-3509 were fixed before release, and
PR binutils/18750 will be fixed in a later update.

-- 
Ben Hutchings - Debian developer, member of Linux kernel and LTS teams


Attachment: signature.asc
Description: This is a digitally signed message part


Reply to: