SB2018022312 - Denial of service in GNU Binutils

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2018-7570)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the assign_file_positions_for_non_load_sections function due to the improper processing of crafted Executable and Linkable Format (ELF) files that contain a RELRO segment that lacks a matching LOAD segment. A remote attacker can send a specially crafted ELF file, trick the victim into opening it, trigger NULL pointer dereference and cause the service to crash.

2) Integer overflow (CVE-ID: CVE-2018-7568)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the parse_die function that is defined in the dwarf1.c source code file due to the improper processing of crafted Executable and Linkable Format (ELF) files that contain corrupted dwarf1 debug information. A remote attacker can send a specially crafted ELF file, trick the victim into opening it, trigger integer overflow and cause the service to crash.

3) Memory corruption (CVE-ID: CVE-2018-7569)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the dwarf2.c source code file due to the improper processing of crafted Executable and Linkable Format (ELF) files that contain a corrupted DWARF FORM block. A remote attacker can send a specially crafted ELF file, trick the victim into opening it, trigger integer overflow or underflow and cause the service to crash.

Remediation

Install update from vendor's website.

References

• https://sourceware.org/bugzilla/show_bug.cgi?id=22881
• https://sourceware.org/bugzilla/show_bug.cgi?id=22894
• https://sourceware.org/bugzilla/show_bug.cgi?id=22895