إرسال #496486: GNU elfutils/eu-readelf 0.192 illegal read accessالمعلومات

عنوان	GNU elfutils/eu-readelf 0.192 illegal read access
الوصف	Description A segv can occur in eu-readelf when using the -z and -p options with a specially crafted input file. This issue leads to buffer-overflow Affected Version elfutils 0.192 Steps to Reproduce Build elfutils 0.192 with AddressSanitizer (e.g., CFLAGS="-g -fsanitize=address" ./configure && make -j). /mnt/data/optfuzz/benchmark/elfutils-0.192/bins/bin/eu-readelf -z -p1 /tmp/poc AddressSanitizer:DEADLYSIGNAL ================================================================= ==2566871==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fa60ec194d0 bp 0x7ffc5632a850 sp 0x7ffc56329fb0 T0) ==2566871==The signal is caused by a READ memory access. ==2566871==Hint: address points to the zero page. #0 0x7fa60ec194cf in __interceptor_strncmp ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:449 #1 0x56352eba5c4d in startswith ../lib/system.h:117 #2 0x56352ec022be in print_string_section /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:13363 #3 0x56352ec02ad5 in for_each_section_argument /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:13440 #4 0x56352ec02ed4 in dump_strings /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:13476 #5 0x56352ebab07d in process_elf_file /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:1082 #6 0x56352eba9b5b in process_dwflmod /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:840 #7 0x7fa60f6e3708 in dwfl_getmodules /mnt/data/optfuzz/benchmark/elfutils-0.192/libdwfl/dwfl_getmodules.c:86 #8 0x56352ebaa5b9 in process_file /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:948 #9 0x56352eba81e6 in main /mnt/data/optfuzz/benchmark/elfutils-0.192/src/readelf.c:417 #10 0x7fa60e958082 in __libc_start_main ../csu/libc-start.c:308 #11 0x56352eba5b2d in _start (/mnt/data/optfuzz/benchmark/elfutils-0.192/bins/bin/eu-readelf+0x6bb2d) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:449 in __interceptor_strncmp ==2566871==ABORTING Env Distributor ID: Ubuntu Description: Ubuntu 20.04.6 LTS Release: 20.04 Codename: focal
المصدر	⚠️ https://sourceware.org/bugzilla/show_bug.cgi?id=32657
المستخدم	rookie (UID 80861)
ارسال	07/02/2025 10:31 AM (1 سنة منذ)
الاعتدال	16/02/2025 11:39 AM (9 days later)
الحالة	مكرر
إدخال VulDB	295981 [GNU elfutils 0.192 eu-readelf readelf.c dump_data_section/print_string_section z/x تلف الذاكرة]
النقاط	0

التالي ▸نظرة عامة ◂ السابق

Want to know what is going to be exploited?

We predict KEV entries!