exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Ubuntu Security Notice USN-2496-1

Posted Feb 9, 2015

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2496-1 - Michal Zalewski discovered that the setup_group function in libbfd in GNU binutils did not properly check group headers in ELF files. An attacker could use this to craft input that could cause a denial of service (application crash) or possibly execute arbitrary code. Hanno Boeck discovered that the _bfd_XXi_swap_aouthdr_in function in libbfd in GNU binutils allowed out-of-bounds writes. An attacker could use this to craft input that could cause a denial of service (application crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2012-3509, CVE-2014-8484, CVE-2014-8485, CVE-2014-8501, CVE-2014-8502, CVE-2014-8503, CVE-2014-8504, CVE-2014-8737, CVE-2014-8738

SHA-256 | b6df17a5277d92fffca45fc1f904eb0996be802bd4b8791a28b757ad38007466

Download | Favorite | View

Related Files

No related files