https://sourceware.org/bugzilla/show_bug.cgi?id=23787
--- Comment #18 from Steven Smith <ptestpage32 at gmail dot com> --- If you want to login to the Linksys router you can login with https://mywifiextnets.net/linksys-default-password/ and setup your router.(In reply to Mark Wielaard from comment #4) > For reference this was assigned CVE-2018-18520. > > Note that the description of the CVE is misleading. > The bug is in eu-size, not in libelf elf_end. If you want to login to the Linksys router you can login with https://mywifiextnets.net/linksys-default-password/ and setup your router.(In reply to wcventure from comment #0) > Created attachment 11338 [details] > POC1 > > Hi, > > Our fuzzer found an Invalid Address Deference problem in function elf_end in > libelf the latest elfutils-0.174 code base. I have confirmed them with > Address Sanitizer, too. > > The function elf_end is called by size.c. Here are the POC files. Please use > " ./eu-size $POC " to reproduce this bug. > > The ASAN dumps the stack trace as follows: > ASAN:DEADLYSIGNAL > ================================================================= > ==21938==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc > 0x7f1a0efb3cd6 bp 0x7ffd04b5dc40 sp 0x7ffd04b5db50 T0) > ==21938==The signal is caused by a READ memory access. > ==21938==Hint: address points to the zero page. > #0 0x7f1a0efb3cd5 in elf_end > (/usr/lib/x86_64-linux-gnu/libelf.so.1+0x4cd5) > #1 0x405aa2 in handle_ar > /media/hjwang/01D3344861A8D2E0/wcventure/Project/elfutils/src/size.c:373 > #2 0x401c7a in process_file > /media/hjwang/01D3344861A8D2E0/wcventure/Project/elfutils/src/size.c:294 > #3 0x401c7a in main > /media/hjwang/01D3344861A8D2E0/wcventure/Project/elfutils/src/size.c:186 > #4 0x7f1a0ec0582f in __libc_start_main > (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) > #5 0x4029f8 in _start > (/media/hjwang/01D3344861A8D2E0/wcventure/Project/elfutils/build/bin/eu- > size+0x4029f8) > > AddressSanitizer can not provide additional info. > SUMMARY: AddressSanitizer: SEGV > (/usr/lib/x86_64-linux-gnu/libelf.so.1+0x4cd5) in elf_end > ==21938==ABORTING > Aborted https://printertestpage.co/ is the site which is available 24hrs. For troubleshoot your printer. -- You are receiving this mail because: You are on the CC list for the bug.
