Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 29 Sep 2017 17:22:31 +0200
From: Agostino Sarubbo <ago@...too.org>
To: oss-security@...ts.openwall.com
Cc: Efraim Flashner <efraim@...shner.co.il>
Subject: Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)

On mercoledý 27 settembre 2017 12:20:15 CEST Efraim Flashner wrote:
> On Tue, Sep 26, 2017 at 07:03:41AM +0000, Agostino Sarubbo wrote:
> > Affected version:
> > 2.29.51.20170921 and maybe past releases
> 
> As best as I can see, it looks like the bug was introduced after the
> 2.28 series was frozen/split-off, and there is no part of the patch that
> applies to the 2.28.1 release.
> 
> I have not, however, tried the reproducer.

The provided testcase works for me after the commit 
98c5dfc99444094652c2f2259126f70e5cacf56f

-- 
Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ