Mageia: 2019-0169 Critical: Binutils Denial of Service and Buffer Overflow
mageia
May 12, 2019
This update provides the latest stable binutils, currently version 2.32 and fixes atleast the following security issues: ihex.c in GNU Binutils before 2.26 contains a stack buffer...
Summary
This update provides the latest stable binutils, currently version 2.32
and fixes atleast the following security issues:
ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when
printing bad bytes in Intel Hex objects (CVE-2014-9939)
Use-after-free vulnerability in libiberty allows remote attackers to cause
a denial of service (segmentation fault and crash) via a crafted binary,
related to "btypevec." (CVE-2016-4487)
Use-after-free vulnerability in libiberty allows remote attackers to cause
a denial of service (segmentation fault and crash) via a crafted binary,
related to "ktypevec." (CVE-2016-4488)
Integer overflow in the gnu_special function in libiberty allows remote
attackers to cause a denial of service (segmentation fault and crash) via
a crafted binary, related to the "demangling of virtual tables."
(CVE-2016-4489)
Integer overflow in cp-demangle.c in libiberty allows remote attackers to
cause a denial of service (segmentation fault and crash) via a crafted
b...
References
- https://bugs.mageia.org/show_bug.cgi?id=18987
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=binutils/NEWS;hb=refs/tags/binutils-2_32
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=gas/NEWS;hb=refs/tags/binutils-2_32
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=ld/NEWS;hb=refs/tags/binutils-2_32
- https://lwn.net/Articles/694764/
- https://openwall.com/lists/oss-security/2017/03/16/8
- https://openwall.com/lists/oss-security/2017/04/10/16
- https://openwall.com/lists/oss-security/2017/05/18/7
- https://openwall.com/lists/oss-security/2017/09/26/6
- https://openwall.com/lists/oss-security/2017/09/30/1
- https://openwall.com/lists/oss-security/2017/09/30/2
- https://openwall.com/lists/oss-security/2017/09/30/3
- https://openwall.com/lists/oss-security/2017/10/04/3
- https://openwall.com/lists/oss-security/2017/10/04/6
- https://openwall.com/lists/oss-security/2017/10/04/4
- https://openwall.com/lists/oss-security/2017/10/04/5
- https://openwall.com/lists/oss-security/2017/10/04/8
- https://openwall.com/lists/oss-security/2017/10/04/7
- https://openwall.com/lists/oss-security/2017/10/27/4
- https://openwall.com/lists/oss-security/2017/10/27/3
- - https://lists.suse.com/pipermail/sle-security-updates/2018-October/004678.html
- https://lists.suse.com/pipermail/sle-security-updates/2018-October/004683.html
- - - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/37N6SA4WSBTFWAMPQXHSO7JRJQ6EIIO5/
- https://bugzilla.redhat.com/show_bug.cgi?id=1645958
- https://www.cve.org/CVERecord?id=CVE-2014-9939
- https://www.cve.org/CVERecord?id=CVE-2016-4487
- https://www.cve.org/CVERecord?id=CVE-2016-4488
- https://www.cve.org/CVERecord?id=CVE-2016-4489
- https://www.cve.org/CVERecord?id=CVE-2016-4490
- https://www.cve.org/CVERecord?id=CVE-2016-4492
- https://www.cve.org/CVERecord?id=CVE-2016-4493
- https://www.cve.org/CVERecord?id=CVE-2016-6131
- https://www.cve.org/CVERecord?id=CVE-2017-6965
- https://www.cve.org/CVERecord?id=CVE-2017-6966
- https://www.cve.org/CVERecord?id=CVE-2017-6969
- https://www.cve.org/CVERecord?id=CVE-2017-7209
- https://www.cve.org/CVERecord?id=CVE-2017-7210
- https://www.cve.org/CVERecord?id=CVE-2017-7223
- https://www.cve.org/CVERecord?id=CVE-2017-7224
- https://www.cve.org/CVERecord?id=CVE-2017-7225
- https://www.cve.org/CVERecord?id=CVE-2017-7226
- https://www.cve.org/CVERecord?id=CVE-2017-7227
- https://www.cve.org/CVERecord?id=CVE-2017-7299
- https://www.cve.org/CVERecord?id=CVE-2017-7300
- https://www.cve.org/CVERecord?id=CVE-2017-7301
- https://www.cve.org/CVERecord?id=CVE-2017-7302
- https://www.cve.org/CVERecord?id=CVE-2017-7303
- https://www.cve.org/CVERecord?id=CVE-2017-7304
- https://www.cve.org/CVERecord?id=CVE-2017-7614
- https://www.cve.org/CVERecord?id=CVE-2017-8392
- https://www.cve.org/CVERecord?id=CVE-2017-8393
- https://www.cve.org/CVERecord?id=CVE-2017-8394
- https://www.cve.org/CVERecord?id=CVE-2017-8395
- https://www.cve.org/CVERecord?id=CVE-2017-8396
- https://www.cve.org/CVERecord?id=CVE-2017-8397
- https://www.cve.org/CVERecord?id=CVE-2017-8398
- https://www.cve.org/CVERecord?id=CVE-2017-8421
- https://www.cve.org/CVERecord?id=CVE-2017-9038
- https://www.cve.org/CVERecord?id=CVE-2017-9039
- https://www.cve.org/CVERecord?id=CVE-2017-9040
- https://www.cve.org/CVERecord?id=CVE-2017-9041
- https://www.cve.org/CVERecord?id=CVE-2017-9042
- https://www.cve.org/CVERecord?id=CVE-2017-9043
- https://www.cve.org/CVERecord?id=CVE-2017-9044
- https://www.cve.org/CVERecord?id=CVE-2017-9746
- https://www.cve.org/CVERecord?id=CVE-2017-9747
- https://www.cve.org/CVERecord?id=CVE-2017-9748
- https://www.cve.org/CVERecord?id=CVE-2017-9750
- https://www.cve.org/CVERecord?id=CVE-2017-9755
- https://www.cve.org/CVERecord?id=CVE-2017-9756
- https://www.cve.org/CVERecord?id=CVE-2017-9954
- https://www.cve.org/CVERecord?id=CVE-2017-9955
- https://www.cve.org/CVERecord?id=CVE-2017-12448
- https://www.cve.org/CVERecord?id=CVE-2017-12449
- https://www.cve.org/CVERecord?id=CVE-2017-12450
- https://www.cve.org/CVERecord?id=CVE-2017-12451
- https://www.cve.org/CVERecord?id=CVE-2017-12452
- https://www.cve.org/CVERecord?id=CVE-2017-12453
- https://www.cve.org/CVERecord?id=CVE-2017-12454
- https://www.cve.org/CVERecord?id=CVE-2017-12455
- https://www.cve.org/CVERecord?id=CVE-2017-12456
- https://www.cve.org/CVERecord?id=CVE-2017-12457
- https://www.cve.org/CVERecord?id=CVE-2017-12458
- https://www.cve.org/CVERecord?id=CVE-2017-12459
- https://www.cve.org/CVERecord?id=CVE-2017-12799
- https://www.cve.org/CVERecord?id=CVE-2017-13710
- https://www.cve.org/CVERecord?id=CVE-2017-13716
- https://www.cve.org/CVERecord?id=CVE-2017-13757
- https://www.cve.org/CVERecord?id=CVE-2017-14128
- https://www.cve.org/CVERecord?id=CVE-2017-14129
- https://www.cve.org/CVERecord?id=CVE-2017-14130
- https://www.cve.org/CVERecord?id=CVE-2017-14333
- https://www.cve.org/CVERecord?id=CVE-2017-14529
- https://www.cve.org/CVERecord?id=CVE-2017-14729
- https://www.cve.org/CVERecord?id=CVE-2017-14745
- https://www.cve.org/CVERecord?id=CVE-2017-14938
- https://www.cve.org/CVERecord?id=CVE-2017-14939
- https://www.cve.org/CVERecord?id=CVE-2017-14940
- https://www.cve.org/CVERecord?id=CVE-2017-14974
- https://www.cve.org/CVERecord?id=CVE-2017-15020
- https://www.cve.org/CVERecord?id=CVE-2017-15021
- https://www.cve.org/CVERecord?id=CVE-2017-15022
- https://www.cve.org/CVERecord?id=CVE-2017-15023
- https://www.cve.org/CVERecord?id=CVE-2017-15024
- https://www.cve.org/CVERecord?id=CVE-2017-15025
- https://www.cve.org/CVERecord?id=CVE-2017-15938
- https://www.cve.org/CVERecord?id=CVE-2017-15939
- https://www.cve.org/CVERecord?id=CVE-2018-6323
- https://www.cve.org/CVERecord?id=CVE-2018-6543
- https://www.cve.org/CVERecord?id=CVE-2018-6759
- https://www.cve.org/CVERecord?id=CVE-2018-6872
- https://www.cve.org/CVERecord?id=CVE-2018-7208
- https://www.cve.org/CVERecord?id=CVE-2018-7568
- https://www.cve.org/CVERecord?id=CVE-2018-7569
- https://www.cve.org/CVERecord?id=CVE-2018-7570
- https://www.cve.org/CVERecord?id=CVE-2018-7642
- https://www.cve.org/CVERecord?id=CVE-2018-7643
- https://www.cve.org/CVERecord?id=CVE-2018-8945
- https://www.cve.org/CVERecord?id=CVE-2018-10372
- https://www.cve.org/CVERecord?id=CVE-2018-10373
- https://www.cve.org/CVERecord?id=CVE-2018-10534
- https://www.cve.org/CVERecord?id=CVE-2018-10535
- https://www.cve.org/CVERecord?id=CVE-2018-18484
- https://www.cve.org/CVERecord?id=CVE-2018-18700
- https://www.cve.org/CVERecord?id=CVE-2019-9071
- https://www.cve.org/CVERecord?id=CVE-2019-9073
- https://www.cve.org/CVERecord?id=CVE-2019-9074
- https://www.cve.org/CVERecord?id=CVE-2019-9075
- https://www.cve.org/CVERecord?id=CVE-2019-9077
Resolution
SRPMS
- 6/core/binutils-2.32-1.1.mga6
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 12 May 2019
URL: https://advisories.mageia.org/MGASA-2019-0169.html
Type: security
CVE: CVE-2014-9939,
CVE-2016-4487,
CVE-2016-4488,
CVE-2016-4489,
CVE-2016-4490,
CVE-2016-4492,
CVE-2016-4493,
CVE-2016-6131,
CVE-2017-6965,
CVE-2017-6966,
CVE-2017-6969,
CVE-2017-7209,
CVE-2017-7210,
CVE-2017-7223,
CVE-2017-7224,
CVE-2017-7225,
CVE-2017-7226,
CVE-2017-7227,
CVE-2017-7299,
CVE-2017-7300,
CVE-2017-7301,
CVE-2017-7302,
CVE-2017-7303,
CVE-2017-7304,
CVE-2017-7614,
CVE-2017-8392,
CVE-2017-8393,
CVE-2017-8394,
CVE-2017-8395,
CVE-2017-8396,
CVE-2017-8397,
CVE-2017-8398,
CVE-2017-8421,
CVE-2017-9038,
CVE-2017-9039,
CVE-2017-9040,
CVE-2017-9041,
CVE-2017-9042,
CVE-2017-9043,
CVE-2017-9044,
CVE-2017-9746,
CVE-2017-9747,
CVE-2017-9748,
CVE-2017-9750,
CVE-2017-9755,
CVE-2017-9756,
CVE-2017-9954,
CVE-2017-9955,
CVE-2017-12448,
CVE-2017-12449,
CVE-2017-12450,
CVE-2017-12451,
CVE-2017-12452,
CVE-2017-12453,
CVE-2017-12454,
CVE-2017-12455,
CVE-2017-12456,
CVE-2017-12457,
CVE-2017-12458,
CVE-2017-12459,
CVE-2017-12799,
CVE-2017-13710,
CVE-2017-13716,
CVE-2017-13757,
CVE-2017-14128,
CVE-2017-14129,
CVE-2017-14130,
CVE-2017-14333,
CVE-2017-14529,
CVE-2017-14729,
CVE-2017-14745,
CVE-2017-14938,
CVE-2017-14939,
CVE-2017-14940,
CVE-2017-14974,
CVE-2017-15020,
CVE-2017-15021,
CVE-2017-15022,
CVE-2017-15023,
CVE-2017-15024,
CVE-2017-15025,
CVE-2017-15938,
CVE-2017-15939,
CVE-2018-6323,
CVE-2018-6543,
CVE-2018-6759,
CVE-2018-6872,
CVE-2018-7208,
CVE-2018-7568,
CVE-2018-7569,
CVE-2018-7570,
CVE-2018-7642,
CVE-2018-7643,
CVE-2018-8945,
CVE-2018-10372,
CVE-2018-10373,
CVE-2018-10534,
CVE-2018-10535,
CVE-2018-18484,
CVE-2018-18700,
CVE-2019-9071,
CVE-2019-9073,
CVE-2019-9074,
CVE-2019-9075,
CVE-2019-9077
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!