Описание
ELSA-2019-2075: binutils security and bug fix update (MODERATE)
[2.27-41.base.0.1]
- Complete the backport of upstream commit a5def14f1ca70e14d9433cb229c9369fa3051598 Add a test for R_386_GOT32/R_386_GOT32X IFUNC reloc error [Orabug 27930573]
- Reviewed-by: Jose E. Marchesi jose.marchesi@oracle.com
[2.27-41.base]
- Fix up some linker tests that fail because of the R_x86_64_GOTPCRELX patch. (#1699745)
[2.27-40.base]
- Enable gold for PowerPC and s390x. (#1670014)
[2.27-39.base]
- Fix a potential illegal memory access triggered by an integer overflow. (#1665884)
[2.27-38.base]
- Disable optimizations of x06_64 PLT entries. (#1624779)
[2.27-37.base]
- Add the .attach-to-group pseudo-op to the assembler. (#1652587)
[2.27-36.base]
- Prevent resource exhaustion attacks on libibertys name demangling code. (#1598561)
[2.27-35.base]
- Stop strip crashing when removing .comment sections. (#1644632)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
binutils
2.27-41.base.0.2.el7
binutils-devel
2.27-41.base.0.2.el7
Oracle Linux x86_64
binutils
2.27-41.base.0.1.el7
binutils-devel
2.27-41.base.0.1.el7
Связанные CVE
Связанные уязвимости
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.
binutils version 2.32 and earlier contains a Integer Overflow vulnerab ...
binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow. Successful exploitation allows execution of arbitrary code.. This attack appear to be exploitable via Local. This vulnerability appears to have been fixed in after commit 3a551c7a1b80fca579461774860574eabfd7f18f.