http://bugzilla.opensuse.org/show_bug.cgi?id=1038881

            Bug ID: 1038881
           Summary: VUL-1: binutils: NULLptr-print_symbol_for_build_attribute
    Classification: openSUSE
           Product: openSUSE Distribution
           Version: Leap 42.2
          Hardware: Other
                OS: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Security
          Assignee: security-team@suse.de
          Reporter: mikhail.kasimov@gmail.com
        QA Contact: qa-bugs@suse.de
          Found By: ---
           Blocker: ---

Created attachment 724895
  --> http://bugzilla.opensuse.org/attachment.cgi?id=724895&action=edit
NULLptr-print_symbol_for_build_attribute_reproducer

Ref: https://blogs.gentoo.org/ago/2017/05/12/binutils-multiple-crashes/

=======================================================================
# readelf -a $FILE
==7569==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x0000005ca9f5 bp 0x7ffcef629b70 sp 0x7ffcef629b20 T0)
==7569==The signal is caused by a READ memory access.
==7569==Hint: address points to the zero page.
    #0 0x5ca9f4 in print_symbol_for_build_attribute /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:16671:16
    #1 0x5c2d08 in process_note /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c
    #2 0x5bc388 in process_notes_at /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:17232:13
    #3 0x5bbc82 in process_corefile_note_segments /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:17262:8
    #4 0x548d86 in process_object /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c
    #5 0x5167f8 in process_file /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:18055:13
    #6 0x5167f8 in main /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:18127
    #7 0x7f8ede38078f in __libc_start_main /tmp/portage/sys-libs/glibc-2.23-r3/work/glibc-2.23/csu/../csu/libc-start.c:289
    #8 0x41a088 in getenv (/usr/x86_64-pc-linux-gnu/binutils-bin/git/readelf+0x41a088)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /tmp/portage/sys-devel/binutils-9999/work/binutils/binutils/readelf.c:16671:16 in print_symbol_for_build_attribute
==7569==ABORTING

Affected version:
master at 2017-04-12 (dunno about other versions)

Fixed version:
N/A

Reproducer:
https://github.com/asarubbo/poc/blob/master/00273-binutils-NULLptr-print_sym...

Commit fix:
N/A, seems to be fixed by one of the previous commits.
=======================================================================