* [Bug tools/21320] New: eu-elflint: heap-based buffer overflow in check_group (elflint.c)
From: ago at gentoo dot org @ 2017-03-28 8:35 UTC
To: elfutils-devel

https://sourceware.org/bugzilla/show_bug.cgi?id=21320

            Bug ID: 21320
           Summary: eu-elflint: heap-based buffer overflow in check_group (elflint.c)
           Product: elfutils
           Version: unspecified
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: tools
          Assignee: unassigned at sourceware dot org
          Reporter: ago at gentoo dot org
                CC: elfutils-devel at sourceware dot org
  Target Milestone: ---

Created attachment 9952
  --> https://sourceware.org/bugzilla/attachment.cgi?id=9952&action=edit
stacktrace

On elfutils-0.168:

# eu-elflint -d $FILE
READ of size 4 at 0x60200000efd0 thread T0
    #0 0x41a39e in check_group /tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/elflint.c:2664

Compiled with:
gcc-6.3.0

Reproducer:
https://github.com/asarubbo/poc/blob/master/00247-elfutils-heapoverflow-check_group

Stacktrace attached.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

* [Bug tools/21320] eu-elflint: heap-based buffer overflow in check_group (elflint.c)
From: ago at gentoo dot org @ 2017-03-28 8:39 UTC
To: elfutils-devel

https://sourceware.org/bugzilla/show_bug.cgi?id=21320

--- Comment #1 from Agostino Sarubbo <ago at gentoo dot org> ---
it can be a duplicate of 21310

* [Bug tools/21320] eu-elflint: heap-based buffer overflow in check_group (elflint.c)
From: mjw at redhat dot com @ 2017-03-28 11:33 UTC
To: elfutils-devel

https://sourceware.org/bugzilla/show_bug.cgi?id=21320

Mark Wielaard <mjw at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mjw at redhat dot com

--- Comment #2 from Mark Wielaard <mjw at redhat dot com> ---
elflint: Don't check section group without flags word
https://sourceware.org/ml/elfutils-devel/2017-q1/msg00137.html

* [Bug tools/21320] eu-elflint: heap-based buffer overflow in check_group (elflint.c)
From: mark at klomp dot org @ 2017-04-03 22:28 UTC
To: elfutils-devel

https://sourceware.org/bugzilla/show_bug.cgi?id=21320

Mark Wielaard <mark at klomp dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |mark at klomp dot org
         Resolution|---                         |FIXED

--- Comment #3 from Mark Wielaard <mark at klomp dot org> ---
commit fb6709f1a41b58a9557ea45b7f53ae678c660b21
Author: Mark Wielaard <mark@klomp.org>
Date:   Tue Mar 28 13:33:03 2017 +0200

    elflint: Don't check section group without flags word.

    https://sourceware.org/bugzilla/show_bug.cgi?id=21320

    Signed-off-by: Mark Wielaard <mark@klomp.org>

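
The check named in the commit subject above ("Don't check section group without flags word"), sketched as an added example; it is not the elfutils patch or code from this thread. `validate_group`, its status codes and the sample buffers are hypothetical, words are read in host byte order, and the member-index check goes beyond what the thread discusses.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes; not elfutils identifiers. */
enum group_status { GROUP_OK, GROUP_NO_FLAGS_WORD, GROUP_BAD_SIZE, GROUP_BAD_MEMBER };

/* Validate the raw contents of an SHT_GROUP section: an array of 32-bit
   words, the first being the flags word and the rest section header
   indices.  Words are read in host byte order (assumption). */
enum group_status
validate_group(const unsigned char *data, size_t size, uint32_t shnum,
               uint32_t *flags_out)
{
    uint32_t word;

    /* Without this check, reading the flags word of a short or empty
       section is a 4-byte read past the end of the heap buffer. */
    if (data == NULL || size < sizeof word)
        return GROUP_NO_FLAGS_WORD;
    if (size % sizeof word != 0)
        return GROUP_BAD_SIZE;          /* trailing partial word */

    memcpy(&word, data, sizeof word);   /* safe: size >= 4 */
    *flags_out = word;

    for (size_t off = sizeof word; off < size; off += sizeof word) {
        memcpy(&word, data + off, sizeof word);
        if (word == 0 || word >= shnum) /* index must name a real section */
            return GROUP_BAD_MEMBER;
    }
    return GROUP_OK;
}

/* Constructed sample data: flags word 1 (GRP_COMDAT), members 2 and 3. */
static const uint32_t sample_good[] = { 1, 2, 3 };
static const uint32_t sample_bad_member[] = { 1, 9 };

int main(void)
{
    uint32_t flags = 0;
    const unsigned char *good = (const unsigned char *)sample_good;
    const unsigned char *bad = (const unsigned char *)sample_bad_member;

    printf("empty section:  %d\n", validate_group(good, 0, 5, &flags));
    printf("2-byte section: %d\n", validate_group(good, 2, 5, &flags));
    printf("well-formed:    %d\n", validate_group(good, sizeof sample_good, 5, &flags));
    printf("bad member:     %d\n", validate_group(bad, sizeof sample_bad_member, 5, &flags));
    return 0;
}
```
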
* [Bug tools/21320] eu-elflint: heap-based buffer overflow in check_group (elflint.c)
From: ago at gentoo dot org @ 2017-04-10 7:33 UTC
To: elfutils-devel

https://sourceware.org/bugzilla/show_bug.cgi?id=21320

--- Comment #4 from Agostino Sarubbo <ago at gentoo dot org> ---
Mitre assigned CVE-2017-7610 to this issue.