public inbox for gdb-prs@sourceware.org
help / color / mirror / Atom feed
From: "simon.marchi at polymtl dot ca" <sourceware-bugzilla@sourceware.org>
To: gdb-prs@sourceware.org
Subject: [Bug gdb/30641] AddressSanitizer: heap-buffer-overflow /home/root/sp/Dataset/Binutils/binutils_aflpp/gdb/coff-pe-read.c:284:10 in pe_as16(void*)
Date: Thu, 28 Sep 2023 14:32:06 +0000 [thread overview]
Message-ID: <bug-30641-4717-MRPPYWduTj@http.sourceware.org/bugzilla/> (raw)
In-Reply-To: <bug-30641-4717@http.sourceware.org/bugzilla/>
https://sourceware.org/bugzilla/show_bug.cgi?id=30641
Simon Marchi <simon.marchi at polymtl dot ca> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |simon.marchi at polymtl dot ca
--- Comment #5 from Simon Marchi <simon.marchi at polymtl dot ca> ---
(In reply to Abdul Basit from comment #4)
> Regarding this issue and Bug 30640 there are CVEs linked to both issues.
> https://nvd.nist.gov/vuln/detail/CVE-2023-39129
> https://nvd.nist.gov/vuln/detail/CVE-2023-39130
>
> @sihan2021 last comment on the ticket is following and afterwards there is
> no update:
> > Please ignore 30639, 30640, and 30641 bug report. I will use the latest origin/master gdb with asan to check these bug again.
>
> Can you please confirm is there any update regarding this as CVEs are still
> open for all these issues and there is no update on these two issues. I do
> not see any new issue link to these CVEs. So if these are not valid issues
> then it would be helpful to update the related CVEs otherwise if they are
> valid issues then to update them with right info about security issue in gdb
> 13.1
>
> Thanks
They are likely valid issues. If there is no update, it probably means nobody
has looked into fixing them.
--
You are receiving this mail because:
You are on the CC list for the bug.
next prev parent reply other threads:[~2023-09-28 14:32 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-15 6:36 [Bug gdb/30641] New: " sihan2021 at iscas dot ac.cn
2023-07-15 6:36 ` [Bug gdb/30641] " sihan2021 at iscas dot ac.cn
2023-07-26 19:48 ` keiths at redhat dot com
2023-07-29 7:44 ` sihan2021 at iscas dot ac.cn
2023-09-28 8:10 ` abdul.basitijaz at gmail dot com
2023-09-28 14:32 ` simon.marchi at polymtl dot ca [this message]
2023-09-28 14:44 ` keiths at redhat dot com
2023-09-28 19:09 ` keiths at redhat dot com
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-30641-4717-MRPPYWduTj@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=gdb-prs@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).