[Bug general/22976] global-buffer-overflow in ebl_dynamic_tag_name (libebl/ebldynamictagname.c)
mark at klomp dot org
sourceware-bugzilla@sourceware.org
Mon Mar 26 12:17:00 GMT 2018
https://sourceware.org/bugzilla/show_bug.cgi?id=22976
--- Comment #3 from Mark Wielaard <mark at klomp dot org> ---
I noticed there is a CVE linked to this bug report:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8769
Note that this bug was NOT in a released version of elfutils.
It was introduced by the import of elf.h by:
commit 88f3d2daa107b09fdba376a82bce7ed534c93645
Author: Mark Wielaard <mark@klomp.org>
Date: Sat Feb 17 00:23:19 2018 +0100
libelf: Sync elf.h from glibc.
Signed-off-by: Mark Wielaard <mark@klomp.org>
This was done after 0.170 was released.
But that commit was backported into the Fedora elfutils package as part of the
elfutils-0.170-elf_sync.patch to add some other non-related PowerPC
improvements.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Elfutils-devel
mailing list