https://bugzilla.redhat.com/show_bug.cgi?id=1162655
Bug ID: 1162655
Summary: binutils: directory traversal vulnerability
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: vkaigoro@redhat.com
CC: bgollahe@redhat.com, dan@danny.cz, dhowells@redhat.com, erik-fedora@vanpienbroek.nl, fedora-mingw@lists.fedoraproject.org, jakub@redhat.com, kalevlember@gmail.com, kanderso@redhat.com, ktietz@redhat.com, law@redhat.com, lkocman@redhat.com, lkundrak@v3.sk, mfranc@redhat.com, mhlavink@redhat.com, nickc@redhat.com, ohudlick@redhat.com, pfrankli@redhat.com, rjones@redhat.com, rob@robspanton.com, seceng-idm-qe-list@redhat.com, swhiteho@redhat.com, thibault.north@gmail.com, tmlcoch@redhat.com, trond.danielsen@gmail.com
A directory traversal vulnerability allowing random file deletion/creation was reported [1] in binutils. The upstream patch is in [2].

[1]: https://sourceware.org/bugzilla/show_bug.cgi?id=17552
[2]: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dd9b91de2149ee81d...
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Blocks     |        |1156276
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Depends On |        |1162656
Depends On |        |1162657
Depends On |        |1162658
Depends On |        |1162659
Depends On |        |1162660
Depends On |        |1162661
Depends On |        |1162662
Depends On |        |1162664
Depends On |        |1162665
--- Comment #1 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created mingw-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162660]
Affects: epel-all [bug 1162665]

Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1162656 [Bug 1162656] arm-none-eabi-binutils-cs: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162657 [Bug 1162657] avr-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162658 [Bug 1162658] binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162659 [Bug 1162659] cross-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162660 [Bug 1162660] mingw-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162661 [Bug 1162661] msp430-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162662 [Bug 1162662] avr-binutils: binutils: directory traversal vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162664 [Bug 1162664] cross-binutils: binutils: directory traversal vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162665 [Bug 1162665] mingw-binutils: binutils: directory traversal vulnerability [epel-all]
--- Comment #2 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created avr-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162657]
Affects: epel-all [bug 1162662]
--- Comment #3 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created arm-none-eabi-binutils-cs tracking bugs for this issue:
Affects: fedora-all [bug 1162656]
--- Comment #4 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created msp430-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162661]
--- Comment #5 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created cross-binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162659]
Affects: epel-all [bug 1162664]
--- Comment #6 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created binutils tracking bugs for this issue:
Affects: fedora-all [bug 1162658]
--- Comment #8 from Nick Clifton nickc@redhat.com ---
Created attachment 956421 --> https://bugzilla.redhat.com/attachment.cgi?id=956421&action=edit
Proposed patch
Hi Jeff, Hi Patsy,
I have uploaded a specially crafted patch that combines both of the fixes for PR 17552, built against the RHEL 7.1 sources. I hope that this helps.
Cheers Nick
--- Comment #9 from Jeff Law law@redhat.com ---
Thanks Nick. I'm watching this very closely as we have a small window where we can fix this for RHEL 7.1. However, right now, this stuff is not slated for 7.1 by nature of no RHEL BZs from the security team, which is probably an artifact of these being marked as med/med or lower from a security standpoint.
My preference is to fix this and the controlled write in the BFD ELF code for RHEL 7.1 and RHEL 6.7. I do _not_ want to issue z-streams for these issues if we can avoid it.
Martin Prpic mprpic@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Alias      |        |CVE-2014-8737
Martin Prpic mprpic@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Summary    |binutils: directory traversal vulnerability |CVE-2014-8737 binutils: directory traversal vulnerability
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=new,dts-3.0/devtoolset-3-binutils=new,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-4/binutils=new,rhel-5/binutils=new,rhel-5/binutils220=new,rhel-6/binutils=new,rhel-6/mingw32-binutils=new,rhel-7/binutils=new,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=defer,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected

--- Comment #10 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Statement:
Red Hat Enterprise Linux 5 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What             |Removed |Added
-----------------|--------|--------
Fixed In Version |        |binutils 2.25
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Depends On |        |1168281
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Depends On |        |1168302
Tomas Hoger thoger@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=defer,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=defer,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected
Bug 1162655 depends on bug 1162656, which changed state.
Bug 1162656 Summary: arm-none-eabi-binutils-cs: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162656
What       |Removed |Added
-----------|--------|--------
Status     |ON_QA   |CLOSED
Resolution |---     |ERRATA
--- Comment #12 from Fedora Update System updates@fedoraproject.org ---
arm-none-eabi-binutils-cs-2014.05.28-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
Bug 1162655 depends on bug 1162657, which changed state.
Bug 1162657 Summary: avr-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162657
What       |Removed |Added
-----------|--------|--------
Status     |ON_QA   |CLOSED
Resolution |---     |ERRATA
--- Comment #13 from Fedora Update System updates@fedoraproject.org ---
avr-binutils-2.24-3.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #14 from Fedora Update System updates@fedoraproject.org ---
avr-binutils-2.24-4.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #15 from Fedora Update System updates@fedoraproject.org ---
arm-none-eabi-binutils-cs-2014.05.28-3.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #16 from Fedora Update System updates@fedoraproject.org ---
avr-binutils-2.24-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #17 from Fedora Update System updates@fedoraproject.org ---
arm-none-eabi-binutils-cs-2014.05.28-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Depends On |        |1172710
Bug 1162655 depends on bug 1162660, which changed state.
Bug 1162660 Summary: mingw-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162660
What       |Removed |Added
-----------|--------|--------
Status     |ON_QA   |CLOSED
Resolution |---     |ERRATA
Bug 1162655 depends on bug 1162665, which changed state.
Bug 1162665 Summary: mingw-binutils: binutils: directory traversal vulnerability [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162665
What       |Removed  |Added
-----------|---------|--------
Status     |MODIFIED |CLOSED
Resolution |---      |ERRATA
--- Comment #19 from Fedora Update System updates@fedoraproject.org ---
binutils-2.24-30.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Bug 1162655 depends on bug 1162659, which changed state.
Bug 1162659 Summary: cross-binutils: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162659
What       |Removed  |Added
-----------|---------|--------
Status     |MODIFIED |CLOSED
Resolution |---      |CURRENTRELEASE
--- Comment #20 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Reproducer is available in https://sourceware.org/bugzilla/show_bug.cgi?id=17552#c0
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-sec,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=defer,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=defer,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected
Ján Rusnačko jrusnack@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
CC         |        |jrusnack@redhat.com
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=defer,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=defer,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected,cwe=CWE-22
--- Doc Text *updated* by Vasyl Kaigorodov vkaigoro@redhat.com ---
A directory traversal flaw was found in the strip and objcopy utilities. If a user were tricked into running strip or objdump on a specially crafted file, it could cause random file deletion or random file creation with the permissions of the user running the application.
--- Doc Text *updated* by Martin Prpic mprpic@redhat.com ---
A directory traversal flaw was found in the strip and objcopy utilities. A specially crafted file could cause strip or objdump to overwrite an arbitrary file writable by the user running either of these utilities.
Bug 1162655 depends on bug 1162658, which changed state.
Bug 1162658 Summary: binutils: directory traversal vulnerability [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1162658
What       |Removed |Added
-----------|--------|--------
Status     |NEW     |CLOSED
Resolution |---     |WONTFIX
Nick Clifton nickc@redhat.com changed:
What             |Removed       |Added
-----------------|--------------|--------
Status           |NEW           |MODIFIED
Fixed In Version |binutils 2.25 |binutils-2.23.52.0.1-49.el7
Tomas Hoger thoger@redhat.com changed:
What             |Removed                     |Added
-----------------|----------------------------|--------
Status           |MODIFIED                    |NEW
Fixed In Version |binutils-2.23.52.0.1-49.el7 |binutils 2.25
Miloš Prchlík mprchlik@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
CC         |        |mprchlik@redhat.com
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Blocks     |        |1210268
Huzaifa S. Sidhpurwala huzaifas@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=defer,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected,cwe=CWE-22 |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected,cwe=CWE-22
Martin Prpic mprpic@redhat.com changed:
What       |Removed |Added
-----------|--------|--------
Whiteboard |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=affected,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected,cwe=CWE-22 |impact=moderate,public=20141104,reported=20141111,source=oss-security,cvss2=2.1/AV:L/AC:L/Au:N/C:N/I:P/A:N,dts-2.1/devtoolset-2-binutils=wontfix,dts-3.0/devtoolset-3-binutils=affected,fedora-all/arm-none-eabi-binutils-cs=affected,fedora-all/avr-binutils=affected,fedora-all/binutils=affected,fedora-all/cross-binutils=affected,fedora-all/mingw-binutils=affected,fedora-all/msp430-binutils=affected,rhel-5/binutils=wontfix,rhel-5/binutils220=wontfix,rhel-6/binutils=affected,rhel-6/mingw32-binutils=wontfix,rhel-7/binutils=affected,epel-all/avr-binutils=affected,epel-all/cross-binutils=affected,epel-all/mingw-binutils=affected,cwe=CWE-22
--- Comment #22 from Nick Clifton nickc@redhat.com ---
Created attachment 1083729 --> https://bugzilla.redhat.com/attachment.cgi?id=1083729&action=edit
Remove resource leak from binutils-th1162655.patch
Note - the patch for this BZ inadvertently introduced a resource leak into the binutils sources. This leak is detected by the covscan tool.
What can happen is that a buffer of 8192 bytes is allocated but not freed. This only happens when an illegal archive is being processed, and in this case the program will exit very shortly afterwards. So the resource leak will not prevent the proper functioning of the program on valid archives, and it will not prevent the program from reporting and exiting (cleanly) on invalid archives.
Since this problem has been detected so late in the 7.2 release process, a fix for it is being delayed until 7.3. The update to fix the patch is uploaded here.
Cheers Nick
--- Comment #23 from Jeff Law law@redhat.com ---
Makes sense to me.
--- Comment #24 from errata-xmlrpc errata-xmlrpc@redhat.com ---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:2079 https://rhn.redhat.com/errata/RHSA-2015-2079.html