Arch Linux Security Advisory ASA-201411-20 ========================================== Severity: Medium Date : 2014-11-19 CVE-ID : CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 Package : avr-binutils Type : multiple issues Remote : No Link : https://wiki.archlinux.org/index.php/CVE-2014 Summary ======= The package avr-binutils before version 2.24-3 is vulnerable to multiple issues including but not limited to denial of service, directory traversal, heap and stack overflow leading to possible code execution. Resolution ========== Upgrade to 2.24-3. # pacman -Syu "avr-binutils>=2.24-3" The problems have been fixed upstream but no release is available yet. Workaround ========== None. Description =========== - CVE-2014-8484 (invalid read) Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 (out-of-bounds write) Lack of range checking leading to controlled write in _bfd_elf_setup_sections() which results in denial of service or possible code execution in programs using libbfd. - CVE-2014-8501 (out-of-bounds write) Out-of-bounds write when parsing specially crafted PE executable leads to denial of service in "strings", "nm" and "objdump". - CVE-2014-8502 (heap overflow) Heap buffer overflow when parsing specially crafted PE executable leads to denial of service in "objdump". - CVE-2014-8503 (stack overflow) Stack overflow in "objdump" when parsing specially crafted ihex files leads to denial of service or code execution. - CVE-2014-8504 (stack overflow) Stack overflow in the SREC parser leads to denial of service or code execution when parsing specially crafted files. - CVE-2014-8737 (directory traversal) Directory traversal vulnerability allowing arbitrary file deletion and creation. - CVE-2014-8738 (out-of-bounds write) Out-of-bounds memory write while processing a crafted "ar" archive leads to denial of service in "objdump". Impact ====== An attacker with specially crafted files can perform denial of service, directory traversal, heap and stack overflow leading to possible code execution. Programs using libbfd may also be remotely exploitable. References ========== https://access.redhat.com/security/cve/CVE-2014-8484 https://access.redhat.com/security/cve/CVE-2014-8485 https://access.redhat.com/security/cve/CVE-2014-8501 https://access.redhat.com/security/cve/CVE-2014-8502 https://access.redhat.com/security/cve/CVE-2014-8503 https://access.redhat.com/security/cve/CVE-2014-8504 https://access.redhat.com/security/cve/CVE-2014-8737 https://access.redhat.com/security/cve/CVE-2014-8738 http://seclists.org/oss-sec/2014/q4/424 http://seclists.org/oss-sec/2014/q4/599 https://bugs.archlinux.org/task/42773