oss-sec mailing list archives
Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)
From: Efraim Flashner <efraim () flashner co il>
Date: Wed, 27 Sep 2017 13:20:15 +0300
On Tue, Sep 26, 2017 at 07:03:41AM +0000, Agostino Sarubbo wrote:
Affected version: 2.29.51.20170921 and maybe past releases
As best as I can see, it looks like the bug was introduced after the 2.28 series was frozen/split-off, and there is no part of the patch that applies to the 2.28.1 release. I have not, however, tried the reproducer. -- Efraim Flashner <efraim () flashner co il> אפרים פלשנר GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351 Confidentiality cannot be guaranteed on emails sent or received unencrypted
Attachment:
signature.asc
Description:
Current thread:
- binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Agostino Sarubbo (Sep 26)
- Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Efraim Flashner (Sep 27)
- Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Agostino Sarubbo (Sep 29)
- Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c) Efraim Flashner (Sep 27)