View previous topic :: View next topic |
Author |
Message |
GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Sep 17, 2017 4:26 pm Post subject: [ GLSA 201709-02 ] Binutils |
|
|
Gentoo Linux Security Advisory
Title: Binutils: Multiple vulnerabilities (GLSA 201709-02)
Severity: normal
Exploitable: remote
Date: 2017-09-17
Bug(s): #618006, #618514, #618516, #618520, #618826, #621130, #624524, #624702
ID: 201709-02
Synopsis
Multiple vulnerabilities have been found in Binutils, the worst of
which may allow remote attackers to cause a Denial of Service condition.
Background
The GNU Binutils are a collection of tools to create, modify and analyse
binary files. Many of the files use BFD, the Binary File Descriptor
library, to do low-level manipulation.
Affected Packages
Package: sys-devel/binutils
Vulnerable: < 2.28.1
Unaffected: >= 2.28.1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Binutils. Please review
References for additional information.
Impact
A remote attacker, by enticing a user to compile/execute a specially
crafted ELF file, PE File, or binary file, could possibly cause a Denial
of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Binutils users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=sys-devel/binutils-2.28.1"
|
References
CVE-2017-6965
CVE-2017-6966
CVE-2017-6969
CVE-2017-7614
CVE-2017-8392
CVE-2017-8393
CVE-2017-8394
CVE-2017-8395
CVE-2017-8396
CVE-2017-8397
CVE-2017-8398
CVE-2017-8421
CVE-2017-9038
CVE-2017-9039
CVE-2017-9040
CVE-2017-9041
CVE-2017-9042
CVE-2017-9742
CVE-2017-9954
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|