Bug 1061630 (CVE-2017-15025)

Summary: VUL-0: CVE-2017-15025: binutils: denial of service in decode_line_info in dwarf2.c
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Michael Matz <matz>
Status: RESOLVED WONTFIX QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: abergmann, jsegitz, smash_bz
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/192846/
Whiteboard: CVSSv2:SUSE:CVE-2017-15025:5.0:(AV:N/AC:L/Au:N/C:N/I:N/A:P) CVSSv3:SUSE:CVE-2017-15025:5.3:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) CVSSv3:RedHat:CVE-2017-15025:3.3:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) CVSSv3:NVD:CVE-2017-15025:5.5:(AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: QA Reproducer

Description Alexander Bergmann 2017-10-04 15:28:21 UTC
CVE-2017-15025

decode_line_info in dwarf2.c in the Binary File Descriptor (BFD)
library (aka libbfd), as distributed in GNU Binutils 2.29, allows
remote attackers to cause a denial of service (divide-by-zero error and
application crash) via a crafted ELF file.

Upstream bug:
https://sourceware.org/bugzilla/show_bug.cgi?id=22186
https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/

Upstream fix:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15025
Comment 1 Alexander Bergmann 2017-10-04 15:30:22 UTC
Created attachment 743048 [details]
QA Reproducer

#> nm -A -a -l -S -s --special-syms --synthetic -D 00372-binutils-FPE-decode_line_info
...
Floating point exception (core dumped)
Comment 2 Johannes Segitz 2018-06-18 11:21:07 UTC
SUSE will not provide a fix for this issue since the risk to our customers posed by it is negligible.