oss-sec mailing list archives
cve request: libbfd?
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sat, 25 Oct 2014 10:36:25 -0700
Hey, You may want to assign something to: http://lcamtuf.blogspot.com/2014/10/psa-dont-run-strings-on-untrusted-files.html http://sourceware.org/bugzilla/show_bug.cgi?id=17510 This is slightly complicated by the fact that libbfd is just bad in general and there likely are dozens of individual bugs, but the write-to-arbitrary-pointer issues with ELF section parsing in elf.c sort of stand out. /mz
Current thread:
- cve request: libbfd? Michal Zalewski (Oct 25)
- Re: cve request: libbfd? Vasyl Kaigorodov (Nov 11)
- Re: cve request: libbfd? Vasyl Kaigorodov (Nov 21)
- Re: cve request: libbfd? Alexander Cherepanov (Nov 21)
- Re: cve request: libbfd? Vasyl Kaigorodov (Nov 21)
- Re: cve request: libbfd? Vasyl Kaigorodov (Nov 11)