Bug 1061630 - (CVE-2017-15025) VUL-0: CVE-2017-15025: binutils: denial of service in decode_line_info in dwarf2.c
(CVE-2017-15025)
VUL-0: CVE-2017-15025: binutils: denial of service in decode_line_info in dwa...
Status: RESOLVED WONTFIX
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Michael Matz
Security Team bot
https://smash.suse.de/issue/192846/
CVSSv2:SUSE:CVE-2017-15025:5.0:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-10-04 15:28 UTC by Alexander Bergmann
Modified: 2020-04-01 16:59 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
QA Reproducer (30.52 KB, application/octet-stream)
2017-10-04 15:30 UTC, Alexander Bergmann
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2017-10-04 15:28:21 UTC
CVE-2017-15025

decode_line_info in dwarf2.c in the Binary File Descriptor (BFD)
library (aka libbfd), as distributed in GNU Binutils 2.29, allows
remote attackers to cause a denial of service (divide-by-zero error and
application crash) via a crafted ELF file.

Upstream bug:
https://sourceware.org/bugzilla/show_bug.cgi?id=22186
https://blogs.gentoo.org/ago/2017/10/03/binutils-divide-by-zero-in-decode_line_info-dwarf2-c/

Upstream fix:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d8010d3e75ec7194a4703774090b27486b742d48

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-15025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15025
Comment 1 Alexander Bergmann 2017-10-04 15:30:22 UTC
Created attachment 743048 [details]
QA Reproducer

#> nm -A -a -l -S -s --special-syms --synthetic -D 00372-binutils-FPE-decode_line_info
...
Floating point exception (core dumped)
Comment 2 Johannes Segitz 2018-06-18 11:21:07 UTC
SUSE will not provide a fix for this issue since the risk to our customers posed by it is negligible.