Fedora has issued an advisory on October 8:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/23RIFYDK2JZDBZP6RPYXPF56HCYYKJDL/

The issue was fixed upstream on 2019-07-05.

Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
Assigning to DavidG because you have already done it! (again...)
"new version: 20191104, fixes CVE-2019-14249 (mga#25955)"
CC'ing Thierry as the registered maintainer.
This will need an advisory when pushed to core/updates & QA.
CC: (none) => thierry.vignaud
Assignee: bugsquad => geiger.david68210
Indeed, fixed in libdwarf-20191104-1.mga8 by David.
Whiteboard: MGA7TOO => (none)
Version: Cauldron => 7
Done!
Advisory:
========================

Updated libdwarf packages fix security vulnerability:

dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service (division by zero) via an ELF file with a zero-size section group (SHT_GROUP), as demonstrated by dwarfdump (CVE-2019-14249).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14249
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/23RIFYDK2JZDBZP6RPYXPF56HCYYKJDL/
========================

Updated packages in core/updates_testing:
========================
libdwarf1-20191104-1.mga7
libdwarf-devel-20191104-1.mga7
libdwarf-static-20191104-1.mga7
libdwarf-tools-20191104-1.mga7

from libdwarf-20191104-1.mga7.src.rpm
CC: (none) => geiger.david68210
Assignee: geiger.david68210 => qa-bugs
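The condition named in the advisory in comment 4 (an ELF file containing a zero-size SHT_GROUP section) can be looked for by reading the section header table alone, without running dwarfdump. This is an added example, not part of the original thread and not libdwarf code; the function names and the sample bytes are constructed for illustration, and files that use extended section numbering (e_shnum of 0) are assumed out of scope.

```python
import struct

SHT_GROUP = 17  # ELF section type used for section groups

def zero_size_groups(data):
    """Return the indexes of SHT_GROUP sections whose sh_size is 0."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if data[4] not in (1, 2) or data[5] not in (1, 2):
        raise ValueError("unknown ELF class or byte order")
    end = "<" if data[5] == 1 else ">"
    if data[4] == 2:  # ELF64: e_shoff at 0x28, e_shentsize/e_shnum at 0x3A
        ehsize, off_fmt, off_at, ent_at, sh_fmt = 64, "Q", 0x28, 0x3A, "IIQQQQIIQQ"
    else:             # ELF32: e_shoff at 0x20, e_shentsize/e_shnum at 0x2E
        ehsize, off_fmt, off_at, ent_at, sh_fmt = 52, "I", 0x20, 0x2E, "10I"
    if len(data) < ehsize:
        raise ValueError("truncated ELF header")
    (e_shoff,) = struct.unpack_from(end + off_fmt, data, off_at)
    e_shentsize, e_shnum = struct.unpack_from(end + "HH", data, ent_at)
    sh = struct.Struct(end + sh_fmt)
    if e_shnum and e_shentsize < sh.size:
        raise ValueError("section header entry size too small")
    hits = []
    for i in range(e_shnum):
        off = e_shoff + i * e_shentsize
        if off + sh.size > len(data):
            raise ValueError("section header table runs past end of file")
        fields = sh.unpack_from(data, off)
        if fields[1] == SHT_GROUP and fields[5] == 0:  # sh_type, sh_size
            hits.append(i)
    return hits

def sample_elf64():
    """Constructed header-only fragment: ELF64 header plus three section headers."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    ehdr = struct.pack("<HHIQQQIHHHHHH", 1, 62, 1, 0, 0, 64, 0, 64, 0, 0, 64, 3, 0)
    def shdr(sh_type, sh_size):
        return struct.pack("<IIQQQQIIQQ", 0, sh_type, 0, 0, 0, sh_size, 0, 0, 4, 4)
    return ident + ehdr + bytes(64) + shdr(SHT_GROUP, 0) + shdr(SHT_GROUP, 8)

if __name__ == "__main__":
    print(zero_size_groups(sample_elf64()))
```

A non-empty result means the file carries the section layout the advisory describes and should only be opened with the updated libdwarf packages.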
Mageia7, x86_64

Installed lib64dwarf1-20170709 et al.

CVE-2019-13249
No reproducer available.

Attempt to define what a DWARF is:
A standardized debugging data format which uses Data Information Entries (DIEs) to represent variables, types, procedures etc. DIEs can be nested and contain attributes referring to the objects they represent or other DIEs. For further information see Wikipedia https://en.wikipedia.org/wiki/DWARF.

$ urpmq -i libdwarf-tools
[...]
C++ version of dwarfdump (dwarfdump2) command-line utilities to access DWARF debug information.

dwarfdump is proving difficult to locate:
$ which dwarfdump -> nothing
$ which dwarfdump2 -> nothing
$ locate dwarfdump
/usr/bin/llvm-dwarfdump
...
$ apropos dwarfdump
llvm-dwarfdump (1) - dump and verify DWARF debug information

Looks like that might be it, but how does llvm get in on the act one wonders? Anybody know if this is the correct utility?
CC: (none) => tarazed25
Follow-on from comment 5.

llvm-dwarfdump can certainly be run against ELF binaries to return a lot of information.
$ rpm -q --whatprovides llvm-dwarfdump
no package provides llvm-dwarfdump
??
$ urpmf llvm-dwarfdump
llvm:/usr/bin/llvm-dwarfdump
CC: (none) => tmb
Ah. Takk Thomas.

Updated all four packages.
# updatedb
$ locate dwarfdump
/usr/bin/dwarfdump
/usr/share/dwarfdump
/usr/share/dwarfdump/dwarfdump.conf
/usr/share/man/man1/dwarfdump.1.xz
omitting llvm references.

$ man dwarfdump
now returns help information.

$ dwarfdump -E /usr/bin/okular
Info for 31 sections:
Nro Index Address Size(h) Size(d) Name
1 0x001 0x004002a8 0x0000001c 00000028 .interp
2 0x002 0x004002c4 0x00000024 00000036 .note.gnu.build-id
[...]
29 0x01d 0x00000000 0x00000dfc 00003580 .gnu_debugdata
30 0x01e 0x00000000 0x00000124 00000292 .shstrtab
*** Summary: 139010 bytes for 30 section(s) ***

$ dwarfdump --print-info /usr/bin/stellarium
.debug_info

$ dwarfdump -F /usr/bin/gimp-2.10
.eh_frame
fde:
< 0><0x0048d020:0x00498580><><cie offset 0x0000001c::cie index 1><fde offset 0x00000048 length: 0x00000024>
<eh aug data len 0x0>
0x0048d020: <off cfa=16(r7) > <off r16=-8(cfa) >
[...]
16 DW_CFA_offset r14 -24
18 DW_CFA_offset r15 -16
20 DW_CFA_nop
21 DW_CFA_nop
22 DW_CFA_nop

We can take it that this is OK.
Whiteboard: (none) => MGA7-64-OK
Once again you have exceeded any abilities I might have had, Len. Thank you. Validating. Advisory in Comment 4.
Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0017.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED