Invia #621878: GNU binutils--gdb 2.44 NULL Pointer Dereferenceinformazioni

Titolo	GNU binutils--gdb 2.44 NULL Pointer Dereference
Descrizione	GNU Binutils 2.44 contains a vulnerability in bfd_elf_get_str_section in bfd/elf.c, where it may attempt to write a null byte to memory that is mapped as read-only. This can be triggered by processing a crafted ELF binary with a malformed string table section, potentially resulting in a segmentation fault (denial of service). AddressSanitizer:DEADLYSIGNAL ================================================================= ==1027949==ERROR: AddressSanitizer: SEGV on unknown address 0x7f81c953cd5a (pc 0x00000071715a bp 0x7f81c9538d5b sp 0x7ffdd2831690 T0) ==1027949==The signal is caused by a WRITE memory access. #0 0x71715a in bfd_elf_get_str_section /home/binutils-gdb/build/bfd/../../../../bfd/elf.c:304:31 #1 0x717425 in bfd_elf_string_from_elf_section /home/binutils-gdb/build/bfd/../../../../bfd/elf.c:338:11 #2 0x729c54 in bfd_section_from_shdr /home/binutils-gdb/build/bfd/../../../../bfd/elf.c:2428:10 #3 0x840cc3 in bfd_elf32_object_p /home/binutils-gdb/build/bfd/../../../../bfd/elfcode.h:880:7 #4 0x688a92 in bfd_check_format_matches /home/binutils-gdb/build/bfd/../../../../bfd/format.c:530:17 #5 0x4d0609 in display_object_bfd /home/binutils-gdb/build/binutils/../../../../binutils/objdump.c:5854:7 #6 0x4d0609 in display_any_bfd /home/binutils-gdb/build/binutils/../../../../binutils/objdump.c:5943:5 #7 0x4ce3b3 in display_file /home/binutils-gdb/build/binutils/../../../../binutils/objdump.c:5964:3 #8 0x4ce3b3 in main /home/binutils-gdb/build/binutils/../../../../binutils/objdump.c:6381:6 #9 0x7f81ca23c082 in __libc_start_main /build/glibc-FcRMwW/glibc-2.31/csu/../csu/libc-start.c:308:16 #10 0x41d5dd in _start (/home/binutils-gdb/build/binutils/objdump+0x41d5dd) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV /home/binutils-gdb/build/bfd/../../../../bfd/elf.c:304:31 in bfd_elf_get_str_section ==1027949==ABORTING
Fonte	⚠️ https://sourceware.org/bugzilla/show_bug.cgi?id=32109
Utente	arthurx (UID 87796)
Sottomissione	24/07/2025 13:40 (11 mesi fa)
Moderazione	26/07/2025 14:56 (2 days later)
Stato	Accettato
Voce VulDB	317812 [GNU Binutils 2.44 BFD Library bfd/elf.c bfd_elf_get_str_section negazione del servizio]
Punti	20

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!