905735 – (CVE-2014-8738) VUL-0: CVE-2014-8738: binutils: Out-of-bounds memory write while processing a crafted "ar" archive

Bug 905735 (CVE-2014-8738) - VUL-0: CVE-2014-8738: binutils: Out-of-bounds memory write while processing a crafted "ar" archive

Summary: VUL-0: CVE-2014-8738: binutils: Out-of-bounds memory write while processing a...

Status:	RESOLVED FIXED

Alias:	CVE-2014-8738

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Deadline:	2015-12-30
Assignee:	Michael Matz
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/110756/
Whiteboard:	maint:released:sle11-sp3:60333 CVSSv2...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2014-11-17 12:36 UTC by Johannes Segitz
Modified:	2016-09-08 20:23 UTC (History)
CC List:	5 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Johannes Segitz 2014-11-17 12:36:00 UTC

objdump will try to overwrite part of memory when processing a crafted "ar" archive file:
https://sourceware.org/bugzilla/show_bug.cgi?id=17533

Upstream patch:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=bb0d867169d7e9743d229804106a8fbcab7f3b3f

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1162666
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8738
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8738.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8738

Comment 2 Swamp Workflow Management 2014-11-17 23:00:13 UTC

bugbot adjusting priority

Comment 4 Swamp Workflow Management 2015-01-27 15:05:37 UTC

SUSE-SU-2015:0152-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 902676,902677,903655,905735,905736
CVE References: CVE-2014-8484,CVE-2014-8485,CVE-2014-8501,CVE-2014-8502,CVE-2014-8503,CVE-2014-8504,CVE-2014-8737,CVE-2014-8738
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    binutils-2.24-7.1, cross-ppc-binutils-2.24-7.1, cross-spu-binutils-2.24-7.1
SUSE Linux Enterprise Server 12 (src):    binutils-2.24-7.1
SUSE Linux Enterprise Desktop 12 (src):    binutils-2.24-7.1

Comment 5 Swamp Workflow Management 2015-01-29 02:07:19 UTC

SUSE-SU-2015:0168-1: An update that fixes 8 vulnerabilities is now available.

Category: security (moderate)
Bug References: 902676,902677,903655,905735,905736
CVE References: CVE-2014-8484,CVE-2014-8485,CVE-2014-8501,CVE-2014-8502,CVE-2014-8503,CVE-2014-8504,CVE-2014-8737,CVE-2014-8738
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    binutils-2.23.1-0.23.15, cross-ppc-binutils-2.23.1-0.23.2, cross-spu-binutils-2.23.1-0.23.2
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    binutils-2.23.1-0.23.15
SUSE Linux Enterprise Server 11 SP3 (src):    binutils-2.23.1-0.23.15
SUSE Linux Enterprise Desktop 11 SP3 (src):    binutils-2.23.1-0.23.15

Comment 6 Forgotten User wTVQotM__m 2015-03-03 07:41:35 UTC

Huawei customers want a SLES 11sp1（i586/x86_64） patches，do you have updated the vulnerability ?

Comment 7 Michael Matz 2015-03-03 14:48:28 UTC

No.  If somebody tells me the right project to submit to, I can simply submit
the new SP3 variant, which includes the fixes.

Comment 8 Johannes Segitz 2015-03-13 13:10:08 UTC

all updates release. If Huawei wants this please open a L3

Comment 9 Swamp Workflow Management 2015-12-16 16:39:53 UTC

An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2015-12-30.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62377

Comment 10 Tristan Ye 2016-02-05 03:41:22 UTC

Guys, can SLES 11SP1 also be affected by this issue?