Details on a security issue in elfutils were released today (April 9): http://openwall.com/lists/oss-security/2014/04/09/12 Patched packages uploaded for Mageia 3, Mageia 4, and Cauldron. Advisory: ======================== Updated elfutils packages fix security vulnerability: The libdw library provides support for accessing DWARF debugging information inside ELF files. An integer overflow flaw in check_section(), leading to a heap-based buffer overflow, was found in the libdw library. A malicious ELF file could cause an application using libdw (such as eu-readelf) to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2014-0172). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0172 https://bugzilla.redhat.com/show_bug.cgi?id=1085663 ======================== Updated packages in core/updates_testing: ======================== elfutils-0.155-2.1.mga3 libelfutils-devel-0.155-2.1.mga3 libelfutils-static-devel-0.155-2.1.mga3 libelfutils1-0.155-2.1.mga3 elfutils-0.157-3.1.mga4 libelfutils-devel-0.157-3.1.mga4 libelfutils-static-devel-0.157-3.1.mga4 libelfutils1-0.157-3.1.mga4 from SRPMS: elfutils-0.155-2.1.mga3.src.rpm elfutils-0.157-3.1.mga4.src.rpm Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA3TOO
No PoC. Easy to test. It dumps pages of gobbledegook. Find commands available in the package.. $ urpmf elfutils | grep bin Test using one of them.. $ eu-objdump -s /usr/bin/eu-objdump /usr/bin/eu-objdump: elf32-elf_i386 Contents of section .interp: 0000 2f6c6962 2f6c642d 6c696e75 782e736f /lib/ld-linux.so 0010 2e3200 .2. Contents of section .init: 0000 5383ec08 e88b0500 0081c30b 6100008b S...........a... 0010 83f4ffff ff85c074 05e8c601 000083c4 .......t........ 0020 085bc3 ...etc.
Whiteboard: MGA3TOO => MGA3TOO has_procedure
Testing complete mga3 32 and mga4 32 & 64. Needs testing mga3 64 to validate.
Whiteboard: MGA3TOO has_procedure => MGA3TOO has_procedure mga3-32-ok mga4-32-ok mga4-64-ok
Advisory uploaded.
Whiteboard: MGA3TOO has_procedure mga3-32-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga4-32-ok mga4-64-ok
Testing complete mga3 64 Validating. Could sysadmin please push to 3 & 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: MGA3TOO has_procedure advisory mga3-32-ok mga4-32-ok mga4-64-ok => MGA3TOO has_procedure advisory mga3-32-ok mga3-64-ok mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2014-0177.html
Status: NEW => RESOLVEDCC: (none) => mageiaResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/595046/