Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 18.04 LTS: USN-6413-1 Moderate: binutils Denial of Service

ubuntu
Calendar Grey October 4, 2023
Dist Ubuntu Esm H88
Secure your Ubuntu system against GNU binutils vulnerabilities by following these steps to update, install patches, and monitor for threats effectively
Several security issues were fixed in GNU binutils.

Summary

Several security issues were fixed in GNU binutils.

Software Description:

- binutils: GNU assembler, linker and binary utilities

Details:

It was discovered that GNU binutils was not properly performing checks

when dealing with memory allocation operations, which could lead to

excessive memory consumption. An attacker could possibly use this issue

to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.

(CVE-2017-17122, CVE-2017-8421)

It was discovered that GNU binutils was not properly performing bounds

checks when processing debug sections with objdump, which could lead to

an overflow. An attacker could possibly use this issue to cause a denial

of service or execute arbitrary code. This issue only affected Ubuntu

14.04 LTS. (CVE-2018-20671, CVE-2018-6543)

It was discovered that GNU binutils contained a reachable assertion, which

could lead to an intentional assertion failure when processing certain

crafted DWARF files. An attacker could p...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
binutils 2.30-21ubuntu1~18.04.9+esm3
binutils-multiarch 2.30-21ubuntu1~18.04.9+esm3

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
binutils 2.26.1-1ubuntu1~16.04.8+esm9
binutils-multiarch 2.26.1-1ubuntu1~16.04.8+esm9

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
binutils 2.24-5ubuntu14.2+esm5
binutils-multiarch 2.24-5ubuntu14.2+esm5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-6413-1

CVE-2017-17122, CVE-2017-8421, CVE-2018-20671, CVE-2018-6543,

CVE-2022-35205, CVE-2022-47007, CVE-2022-47008, CVE-2022-47010,

CVE-2022-47011, CVE-2022-48063

Ubuntu Security Notice USN-6413-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here