Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 635
Alerts This Week
Warning Icon 1 635

Mageia 7: 2021-0011 Moderate: Binutils Null Pointer and Use-After-Free DoS

mageia
Calendar Grey January 8, 2021
Dist Mageia Esm H88
Mageia security notice regarding binutils patch to resolve Denial of Service vulnerabilities. Targeting null dereference and use-after-free problems.
It was discovered that mingw-binutils and binutils suffered from two vulnerabilites which might lead to DoS

Summary

It was discovered that mingw-binutils and binutils suffered from two vulnerabilites which might lead to DoS.
Null Pointer Dereference in debug_get_real_type could result in DoS (CVE-2020-16598).
Use-after-free in bfd_hash_lookup could result in DoS (CVE-2020-16592).

References

- https://bugs.mageia.org/show_bug.cgi?id=27954

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DJIW6KKY2TSLD43XEZXG56WREIIBUIIQ/

- https://www.cve.org/CVERecord?id=CVE-2020-16598

- https://www.cve.org/CVERecord?id=CVE-2020-16592

Resolution

SRPMS

- 7/core/binutils-2.33.1-1.1.mga7

- 7/core/mingw-binutils-2.30-3.1.mga7

- 7/core/cross-binutils-2.31.1-1.1.mga7

Publication date: 08 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0011.html
Type: security
CVE: CVE-2020-16598, CVE-2020-16592

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.