[Bug tools/21299] New: heap-based buffer overflow in handle_gnu_hash (readelf.c)
ago at gentoo dot org
sourceware-bugzilla@sourceware.org
Fri Mar 24 09:09:00 GMT 2017
https://sourceware.org/bugzilla/show_bug.cgi?id=21299
Bug ID: 21299
Summary: heap-based buffer overflow in handle_gnu_hash
(readelf.c)
Product: elfutils
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: tools
Assignee: unassigned at sourceware dot org
Reporter: ago at gentoo dot org
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
Created attachment 9936
--> https://sourceware.org/bugzilla/attachment.cgi?id=9936&action=edit
stacktrace
On elfutils-0.168:
# eu-readelf -a $FILE
READ of size 4 at 0x611000009ffc thread T0
#0 0x421a8b in handle_gnu_hash
/tmp/portage/dev-libs/elfutils-0.168/work/elfutils-0.168/src/readelf.c:3268
Compiled with: gcc-6.3.0
Reproducer:
https://github.com/asarubbo/poc/blob/master/00225-elfutils-heapoverflow-handle_gnu_hash
Stacktrace attached.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Elfutils-devel
mailing list