SB2021110232 - SUSE update for binutils
Published: November 2, 2021
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 20 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2019-12972)
The vulnerability allows an attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read condition within the "_bfd_doprnt" function in the "bfd.c" file in the Binary File Descriptor (BFD) library. A local attacker can pass a malformed ELF binary to the affected application and perform a denial of service attack.
2) Integer overflow (CVE-ID: CVE-2019-14250)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in simple_object_elf_match() function in simple-object-elf.c. A remote attacker can use a specially crFted ELF file to trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
3) Integer overflow (CVE-ID: CVE-2019-14444)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow in apply_relocations() function in readelf.c. A remote attacker can create a specially crafted ELF file, trick the victim to use it, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
4) Infinite loop (CVE-ID: CVE-2019-17450)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop when processing ELF files within the find_abstract_instance() function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd). A remote attacker can consume all available system resources and cause denial of service conditions.
5) Integer overflow (CVE-ID: CVE-2019-17451)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the _bfd_dwarf2_find_nearest_line() function in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd). A remote attacker can #CONDITION2#, trigger integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
6) Out-of-bounds read (CVE-ID: CVE-2019-9074)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in bfd_getl32() function in libbfd.c within the libbfd library, distributed in GNU Binutils. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
7) Heap-based buffer overflow (CVE-ID: CVE-2019-9075)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in _bfd_archive_64_bit_slurp_armap() function in archive64.c within the libbfd library, distributed in GNU Binutils. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
8) Heap-based buffer overflow (CVE-ID: CVE-2019-9077)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing MIPS option section within the process_mips_specific() function in readelf.c. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
9) Double Free (CVE-ID: CVE-2020-16590)
The vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils in the process_symbol_table. A local attacker can trick the victim into opening a specially crafted data, trigger double free error and perform a denial of service attack.
10) Out-of-bounds read (CVE-ID: CVE-2020-16591)
The vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists due to invalid read in process_symbol_table. A local attacker can trick the victim into opening a specially crafted data, trigger out-of-bounds read and perform a denial of service attack.
11) Use-after-free (CVE-ID: CVE-2020-16592)
The vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists in bfd_hash_lookup. A local attacker can trick the victim into opening a specially crafted data, trigger use-after-free and perform a denial of service attack.
12) NULL pointer dereference (CVE-ID: CVE-2020-16593)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in scan_unit_for_symbols. A local attacker can trick the victim into opening a specially crafted data and perform a denial of service (DoS) attack.
13) NULL pointer dereference (CVE-ID: CVE-2020-16599)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in _bfd_elf_get_symbol_version_string. A local attacker can trick the victim into opening a specially crafted file and perform a denial of service (DoS) attack.
14) Out-of-bounds write (CVE-ID: CVE-2020-35448)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.
15) Input validation error (CVE-ID: CVE-2020-35493)
The vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists in bfd/pef.c. A local attacker can send a specially crafted PEF file and perform a denial of service attack.
16) NULL pointer dereference (CVE-ID: CVE-2020-35496)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists in bfd_pef_scan_start_address() of bfd/pef.c in binutils. A local attacker can trick the victim into opening a specially crafted data and perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2020-35507)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists in bfd_pef_parse_function_stubs of bfd/pef.c in binutils. A local attacker can trick the victim into opening a specially crafted data and perform a denial of service (DoS) attack.
18) UNIX symbolic link following (CVE-ID: CVE-2021-20197)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a symlink following issue within the ar, objcopy, strip, ranlib utilities wen writing output. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
Successful exploitation of this vulnerability may result in privilege escalation.
19) Heap-based buffer overflow (CVE-ID: CVE-2021-20284)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the _bfd_elf_slurp_secondary_reloc_section() function in elf.c. A remote attacker can pass specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
20) Input validation error (CVE-ID: CVE-2021-3487)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the BFD library in binutils. A remote attacker who supplies a crafted file to an application linked with BFD can use the DWARF functionality to perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.