Bug 1044885 - (CVE-2017-9745) VUL-0: CVE-2017-9745: binutils: DoS in _bfd_vms_slurp_etir function in bfd/vms-alpha.c
(CVE-2017-9745)
VUL-0: CVE-2017-9745: binutils: DoS in _bfd_vms_slurp_etir function in bfd/vm...
Status: RESOLVED INVALID
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Michael Matz
Security Team bot
https://smash.suse.de/issue/187039/
CVSSv3:SUSE:CVE-2017-9745:3.1:(AV:N/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-19 09:05 UTC by Alexander Bergmann
Modified: 2018-06-15 14:44 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-06-19 09:05:58 UTC
CVE-2017-9745

The _bfd_vms_slurp_etir function in bfd/vms-alpha.c in the Binary File
Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28,
allows remote attackers to cause a denial of service (buffer overflow and
application crash) or possibly have unspecified other impact via a crafted
binary file, as demonstrated by mishandling of this file during "objdump -D"
execution.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-9745
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9745
https://sourceware.org/bugzilla/show_bug.cgi?id=21579
Comment 1 Alexander Bergmann 2017-06-19 09:09:34 UTC
Reproducer from https://sourceware.org/bugzilla/show_bug.cgi?id=21579 didn't work on SLE or openSUSE.

#> objdump -D testcase.cve-2017-9745 
objdump: testcase.cve-2017-9745: File format not recognized

However the affected/fixed code is present.
Comment 2 Michael Matz 2017-06-20 13:43:34 UTC
We don't enable the VMS-alpha subtarget in our binutils, the code isn't
compiled, we aren't affected.