Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 29 Sep 2017 17:22:31 +0200
From: Agostino Sarubbo <>
Cc: Efraim Flashner <>
Subject: Re: binutils: heap-based buffer overflow in _bfd_x86_elf_get_synthetic_symtab (elfxx-x86.c)

On mercoledì 27 settembre 2017 12:20:15 CEST Efraim Flashner wrote:
> On Tue, Sep 26, 2017 at 07:03:41AM +0000, Agostino Sarubbo wrote:
> > Affected version:
> > and maybe past releases
> As best as I can see, it looks like the bug was introduced after the
> 2.28 series was frozen/split-off, and there is no part of the patch that
> applies to the 2.28.1 release.
> I have not, however, tried the reproducer.

The provided testcase works for me after the commit 

Agostino Sarubbo
Gentoo Linux Developer

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ