Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[ GLSA 201801-01 ] Binutils
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
GLSA
Advocate
Advocate


Joined: 12 May 2004
Posts: 2091

PostPosted: Sun Jan 07, 2018 11:26 pm    Post subject: [ GLSA 201801-01 ] Binutils Reply with quote

Gentoo Linux Security Advisory

Title: Binutils: Multiple vulnerabilities (GLSA 201801-01)
Severity: normal
Exploitable: local, remote
Date: 2018-01-07
Bug(s): #624700, #627516, #628538, #629344, #629922, #631324, #632100, #632132, #632384, #632668, #633988, #635218, #635692, #635860, #635968
ID: 201801-01

Synopsis

Multiple vulnerabilities have been found in Binutils, the worst of
which may allow remote attackers to cause a Denial of Service condition.


Background

The GNU Binutils are a collection of tools to create, modify and analyse
binary files. Many of the files use BFD, the Binary File Descriptor
library, to do low-level manipulation.


Affected Packages

Package: sys-devel/binutils
Vulnerable: < 2.29.1-r1
Unaffected: >= 2.29.1-r1
Architectures: All supported architectures


Description

Multiple vulnerabilities have been discovered in Binutils. Please review
the referenced CVE identifiers for details.


Impact

A remote attacker, by enticing a user to compile/execute a specially
crafted ELF, tekhex, PE, or binary file, could possibly cause a Denial of
Service condition.


Workaround

There are no known workarounds at this time.

Resolution

All Binutils users should upgrade to the latest version:
Code:
# emerge --sync
      # emerge --ask --oneshot --verbose ">=sys-devel/binutils-2.29.1-r1"
   


References


CVE-2017-12456


CVE-2017-12799


CVE-2017-12967


CVE-2017-14128


CVE-2017-14129


CVE-2017-14130


CVE-2017-14333


CVE-2017-15023


CVE-2017-15938


CVE-2017-15939


CVE-2017-15996


CVE-2017-7209


CVE-2017-7210


CVE-2017-7223


CVE-2017-7224


CVE-2017-7225


CVE-2017-7227


CVE-2017-9743


CVE-2017-9746


CVE-2017-9749


CVE-2017-9750


CVE-2017-9751


CVE-2017-9755


CVE-2017-9756


Last edited by GLSA on Mon Jan 15, 2018 4:17 am; edited 1 time in total
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum