GNU libiberty Buffer Overflow

2017.07.29
Credit: Marcel Böhme
Risk: High
Local: No
Remote: No
CVE: N/A
CWE: CWE-119

The attached program binary causes a buffer overflow in cplus-dem.c when it tries to demangle specially crafted function arguments in the binary. Both the buffer size as well as the buffer content are controlled from the binary. objdump -x -C <file> nm -C <file> Tested on the following configurations * 2.6.32-573.7.1.el6.x86_64 #1 SMP Tue Sep 22 22:00:00 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux * 4.1.12-boot2docker #1 SMP Tue Nov 3 06:03:36 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux * Binutils versions: 2.20 and 2.26 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69687

References:

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69687


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top