{ "Definition": [ { "ID": "oval:org.altlinux.errata:def:20203433", "Version": "oval:org.altlinux.errata:def:20203433", "Class": "patch", "Metadata": { "Title": "ALT-PU-2020-3433: package `binutils` update to version 2.35.1-alt1", "AffectedList": [ { "Family": "unix", "Platforms": [ "ALT Linux branch c10f1" ], "Products": [ "ALT SP Workstation", "ALT SP Server" ] } ], "References": [ { "RefID": "ALT-PU-2020-3433", "RefURL": "https://errata.altlinux.org/ALT-PU-2020-3433", "Source": "ALTPU" }, { "RefID": "BDU:2019-00981", "RefURL": "https://bdu.fstec.ru/vul/2019-00981", "Source": "BDU" }, { "RefID": "BDU:2020-04872", "RefURL": "https://bdu.fstec.ru/vul/2020-04872", "Source": "BDU" }, { "RefID": "CVE-2019-12972", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-12972", "Source": "CVE" }, { "RefID": "CVE-2019-14250", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-14250", "Source": "CVE" }, { "RefID": "CVE-2019-14444", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-14444", "Source": "CVE" }, { "RefID": "CVE-2019-17450", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17450", "Source": "CVE" }, { "RefID": "CVE-2019-17451", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17451", "Source": "CVE" }, { "RefID": "CVE-2019-9070", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9070", "Source": "CVE" }, { "RefID": "CVE-2019-9071", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9071", "Source": "CVE" }, { "RefID": "CVE-2019-9072", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9072", "Source": "CVE" }, { "RefID": "CVE-2019-9073", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9073", "Source": "CVE" }, { "RefID": "CVE-2019-9074", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9074", "Source": "CVE" }, { "RefID": "CVE-2019-9075", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9075", "Source": "CVE" }, { "RefID": "CVE-2019-9076", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9076", "Source": "CVE" }, { "RefID": "CVE-2019-9077", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-9077", "Source": "CVE" }, { "RefID": "CVE-2020-35493", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-35493", "Source": "CVE" }, { "RefID": "CVE-2020-35494", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-35494", "Source": "CVE" }, { "RefID": "CVE-2020-35495", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-35495", "Source": "CVE" }, { "RefID": "CVE-2020-35496", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-35496", "Source": "CVE" }, { "RefID": "CVE-2020-35507", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2020-35507", "Source": "CVE" }, { "RefID": "CVE-2021-20197", "RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2021-20197", "Source": "CVE" } ], "Description": "This update upgrades binutils to version 2.35.1-alt1. \nSecurity Fix(es):\n\n * BDU:2019-00981: Уязвимость функции _bfd_archive_64_bit_slurp_armap программного средства разработки GNU Binutils, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * BDU:2020-04872: Уязвимость библиотеки libbfd программного средства разработки GNU Binutils, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2019-12972: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\\0' character.\n\n * CVE-2019-14250: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow.\n\n * CVE-2019-14444: apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf.\n\n * CVE-2019-17450: find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file.\n\n * CVE-2019-17451: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm.\n\n * CVE-2019-9070: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in cp-demangle.c after many recursive calls.\n\n * CVE-2019-9071: An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in d_count_templates_scopes in cp-demangle.c after many recursive calls.\n\n * CVE-2019-9072: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in setup_group in elf.c.\n\n * CVE-2019-9073: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in _bfd_elf_slurp_version_tables in elf.c.\n\n * CVE-2019-9074: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c.\n\n * CVE-2019-9075: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.\n\n * CVE-2019-9076: An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an attempted excessive memory allocation in elf_read_notes in elf.c.\n\n * CVE-2019-9077: An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section.\n\n * CVE-2020-35493: A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -\u003e out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34.\n\n * CVE-2020-35494: There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to data confidentiality. This flaw affects binutils versions prior to 2.34.\n\n * CVE-2020-35495: There's a flaw in binutils /bfd/pef.c. An attacker who is able to submit a crafted input file to be processed by the objdump program could cause a null pointer dereference. The greatest threat from this flaw is to application availability. This flaw affects binutils versions prior to 2.34.\n\n * CVE-2020-35496: There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34.\n\n * CVE-2020-35507: There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability.\n\n * CVE-2021-20197: There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.", "Advisory": { "From": "errata.altlinux.org", "Severity": "High", "Rights": "Copyright 2024 BaseALT Ltd.", "Issued": { "Date": "2020-12-01" }, "Updated": { "Date": "2020-12-01" }, "BDUs": [ { "ID": "BDU:2019-00981", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "CWE": "CWE-119", "Href": "https://bdu.fstec.ru/vul/2019-00981", "Impact": "Low", "Public": "20190219" }, { "ID": "BDU:2020-04872", "CVSS": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "CVSS3": "AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-770", "Href": "https://bdu.fstec.ru/vul/2020-04872", "Impact": "Low", "Public": "20190219" } ], "CVEs": [ { "ID": "CVE-2019-12972", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-125", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-12972", "Impact": "Low", "Public": "20190626" }, { "ID": "CVE-2019-14250", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-14250", "Impact": "Low", "Public": "20190724" }, { "ID": "CVE-2019-14444", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-190", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-14444", "Impact": "Low", "Public": "20190730" }, { "ID": "CVE-2019-17450", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-674", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17450", "Impact": "Low", "Public": "20191010" }, { "ID": "CVE-2019-17451", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-190", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17451", "Impact": "Low", "Public": "20191010" }, { "ID": "CVE-2019-9070", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-125", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9070", "Impact": "High", "Public": "20190224" }, { "ID": "CVE-2019-9071", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-674", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9071", "Impact": "Low", "Public": "20190224" }, { "ID": "CVE-2019-9072", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-770", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9072", "Impact": "Low", "Public": "20190224" }, { "ID": "CVE-2019-9073", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-770", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9073", "Impact": "Low", "Public": "20190224" }, { "ID": "CVE-2019-9074", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-125", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9074", "Impact": "Low", "Public": "20190224" }, { "ID": "CVE-2019-9075", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9075", "Impact": "High", "Public": "20190224" }, { "ID": "CVE-2019-9076", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-770", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9076", "Impact": "Low", "Public": "20190224" }, { "ID": "CVE-2019-9077", "CVSS": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "CWE": "CWE-787", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-9077", "Impact": "High", "Public": "20190224" }, { "ID": "CVE-2020-35493", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-20", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-35493", "Impact": "Low", "Public": "20210104" }, { "ID": "CVE-2020-35494", "CVSS": "AV:N/AC:M/Au:N/C:P/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H", "CWE": "CWE-908", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-35494", "Impact": "Low", "Public": "20210104" }, { "ID": "CVE-2020-35495", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-476", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-35495", "Impact": "Low", "Public": "20210104" }, { "ID": "CVE-2020-35496", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-476", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-35496", "Impact": "Low", "Public": "20210104" }, { "ID": "CVE-2020-35507", "CVSS": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "CWE": "CWE-476", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2020-35507", "Impact": "Low", "Public": "20210104" }, { "ID": "CVE-2021-20197", "CVSS": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "CVSS3": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "CWE": "CWE-59", "Href": "https://nvd.nist.gov/vuln/detail/CVE-2021-20197", "Impact": "Low", "Public": "20210326" } ], "AffectedCPEs": { "CPEs": [ "cpe:/o:alt:spworkstation:10", "cpe:/o:alt:spserver:10" ] } } }, "Criteria": { "Operator": "AND", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:4001", "Comment": "ALT Linux must be installed" } ], "Criterias": [ { "Operator": "OR", "Criterions": [ { "TestRef": "oval:org.altlinux.errata:tst:20203433001", "Comment": "binutils is earlier than 1:2.35.1-alt1" }, { "TestRef": "oval:org.altlinux.errata:tst:20203433002", "Comment": "binutils-devel is earlier than 1:2.35.1-alt1" }, { "TestRef": "oval:org.altlinux.errata:tst:20203433003", "Comment": "binutils-source is earlier than 1:2.35.1-alt1" }, { "TestRef": "oval:org.altlinux.errata:tst:20203433004", "Comment": "libctf-nobfd0 is earlier than 1:2.35.1-alt1" } ] } ] } } ] }