Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2017-9955

Published: 26 June 2017

The get_build_id function in opncls.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file in which a certain size field is larger than a corresponding data field, as demonstrated by mishandling within the objdump program.

Notes

AuthorNote
sbeattie 
PoC in bug report
leosilva 
fix for this issue causes a serious regression in xenial
in arm64 and armhf

Priority

Low

Cvss 3 Severity Score

5.5

Score breakdown

Status

Package Release Status
binutils
Launchpad, Ubuntu, Debian 		artful Not vulnerable
(2.29-1ubuntu1)
bionic Not vulnerable
(2.29-1ubuntu1)
cosmic Not vulnerable
(2.29-1ubuntu1)
disco Not vulnerable
(2.29-1ubuntu1)
eoan Not vulnerable
(2.29-1ubuntu1)
focal Not vulnerable
(2.29-1ubuntu1)
groovy Not vulnerable
(2.29-1ubuntu1)
hirsute Not vulnerable
(2.29-1ubuntu1)
impish Not vulnerable
(2.29-1ubuntu1)
jammy Not vulnerable
(2.29-1ubuntu1)
kinetic Not vulnerable
(2.29-1ubuntu1)
lunar Not vulnerable
(2.29-1ubuntu1)
mantic Not vulnerable
(2.29-1ubuntu1)
trusty Needed

upstream
Released (2.29)
xenial Needed

yakkety Ignored
(end of life)
zesty Ignored
(end of life)
Patches:
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cfd14a500e0485374596234de4db10e88ebc7618
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=0630b49c470ca2e3c3f74da4c7e4ff63440dd71f
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1f473e3d0ad285195934e6a077c7ed32afe66437
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ab27f80c5dceaa23c4ba7f62c0d5d22a5d5dd7a1
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7211ae501eb0de1044983f2dfb00091a58fbd66c
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea9aafc41a764e4e2dbb88a7b031e886b481b99a
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=60a02042bacf8d25814430080adda61ed086bca6
upstream: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bae7501e87ab614115d9d3213b4dd18d96e604db

Severity score breakdown

Parameter Value
Base score 5.5
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Scope Unchanged
Confidentiality None
Integrity impact None
Availability impact High
Vector CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading