Package : binutils Version : 2.20.1-16+deb6u2 CVE ID : CVE-2012-3509 Debian Bug : 688951 This update fixes several issues as described below. PR ld/12613 (no CVE assigned) Niranjan Hasabnis discovered that passing an malformed linker script to GNU ld, part of binutils, may result in a stack buffer overflow. If the linker is used with untrusted object files, this would allow remote attackers to cause a denial of service (crash) or possibly privilege escalation. CVE-2012-3509 #688951 Sang Kil Cha discovered that a buffer size calculation in libiberty, part of binutils, may result in integer overflow and then a heap buffer overflow. If libiberty or the commands in binutils are used to read untrusted binaries, this would allow remote attackers to cause a denial of service (crash) or possibly privilege escalation. PR binutils/18750 (no CVE assigned) Joshua Rogers reported that passing a malformed ihex (Intel hexadecimal) file to to various commands in binutils may result in a stack buffer overflow. A similar issue was found in readelf. If these commands are used to read untrusted binaries, this would allow remote attackers to cause a denial of service (crash) or possibly privilege escalation. For the oldoldstable distribution (squeeze), these problems have been fixed in version 2.20.1-16+deb6u2. For the oldstable distribution (wheezy) and the stable distribution (jessie), PR ld/12613 and CVE-2012-3509 were fixed before release, and PR binutils/18750 will be fixed in a later update. -- Ben Hutchings - Debian developer, member of Linux kernel and LTS teams
Attachment:
signature.asc
Description: This is a digitally signed message part