http://bugzilla.opensuse.org/show_bug.cgi?id=1038878 Bug ID: 1038878 Summary: VUL-1: binutils: signed integer overflow Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: mikhail.kasimov@gmail.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 724893 --> http://bugzilla.opensuse.org/attachment.cgi?id=724893&action=edit binutils-signintoverflow_reproducer Ref: https://blogs.gentoo.org/ago/2017/05/12/binutils-multiple-crashes/ ======================================================================= # readelf -a $FILE /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:9447:39: runtime error: signed integer overflow: 7443 - -9223372036854775080 cannot be represented in type 'long' Affected version: master at 2017-04-12 (dunno about other versions) Fixed version: N/A Reproducer: https://github.com/asarubbo/poc/blob/master/00275-binutils-signintoverflow Commit fix: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1... ======================================================================= (open-)SUSE: https://software.opensuse.org/package/binutils 2.28 (TW, official repo) 2.26.1 (42.{1,2}, official repo) -- You are receiving this mail because: You are on the CC list for the bug.