SB2021071010 - Gentoo update for Binutils
Published: July 10, 2021 Updated: April 24, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 14 secuirty vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2019-9070)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the d_expression_1 in cp-demangle.c after many recursive calls in GNU libiberty, as distributed in GNU Binutils 2.32. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
2) Resource exhaustion (CVE-ID: CVE-2019-9071)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error within the d_count_templates_scopes() function in cp-demangle.c after many recursive calls in GNU libiberty, as distributed in GNU Binutils 2.32. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
3) Resource exhaustion (CVE-ID: CVE-2019-9072)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when allocating memory in setup_group() function in elf.c within the libbfd library, distributed in GNU Binutils. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
4) Resource exhaustion (CVE-ID: CVE-2019-9073)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when allocating memory in _bfd_elf_slurp_version_tables() function in elf.c within the libbfd library, distributed in GNU Binutils. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
5) Out-of-bounds read (CVE-ID: CVE-2019-9074)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in bfd_getl32() function in libbfd.c within the libbfd library, distributed in GNU Binutils. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
6) Heap-based buffer overflow (CVE-ID: CVE-2019-9075)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in _bfd_archive_64_bit_slurp_armap() function in archive64.c within the libbfd library, distributed in GNU Binutils. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
7) Resource exhaustion (CVE-ID: CVE-2019-9076)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when allocating memory in elf_read_notes() function in elf.c within the libbfd library, distributed with GNU Binutils. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
8) Heap-based buffer overflow (CVE-ID: CVE-2019-9077)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing MIPS option section within the process_mips_specific() function in readelf.c. A remote attacker can trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
9) Out-of-bounds write (CVE-ID: CVE-2020-35448)
The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c.
10) Input validation error (CVE-ID: CVE-2020-35493)
The vulnerability allows a local attacker to perform a denial of service attack.
The vulnerability exists in bfd/pef.c. A local attacker can send a specially crafted PEF file and perform a denial of service attack.
11) Use of uninitialized resource (CVE-ID: CVE-2020-35494)
The vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due to usage of uninitialized resources in binutils /opcodes/tic4x-dis.c. A local user can submit a crafted input file to be processed by binutils, trigger uninitialized usage of resources and bypass implemented security mechanisms.
12) NULL pointer dereference (CVE-ID: CVE-2020-35495)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A local user can submit a crafted input file to be processed by the objdump program and perform a denial of service (DoS) attack.
13) NULL pointer dereference (CVE-ID: CVE-2020-35496)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists in bfd_pef_scan_start_address() of bfd/pef.c in binutils. A local attacker can trick the victim into opening a specially crafted data and perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2020-35507)
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists in bfd_pef_parse_function_stubs of bfd/pef.c in binutils. A local attacker can trick the victim into opening a specially crafted data and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.