[Bug gas/31115] [ARM] The minimalistic DWARF DIE for function has wrong address in Thumb mode
https://sourceware.org/bugzilla/show_bug.cgi?id=31115 Tom de Vries changed: What|Removed |Added CC||vries at gcc dot gnu.org --- Comment #6 from Tom de Vries --- Filed gdb counterpart PR tdep/31453. -- You are receiving this mail because: You are on the CC list for the bug.
integer overflow vulnerability in strings
There is an integer overflow in strings.c, which can lead to heap overflow leading to RCE on the strings binary. An attacker needs to have access to the `-n` parameter, to trigger this vulnerability. PoC: `strings -n 4294967295 /usr/bin/strings` the bug occurs here, in line 270: [image: image.png] And also here: [image: image.png] A CVE has been already assigned, its CVE-2024-27667.
[Bug gas/31115] [ARM] The minimalistic DWARF DIE for function has wrong address in Thumb mode
https://sourceware.org/bugzilla/show_bug.cgi?id=31115 Sam James changed: What|Removed |Added See Also||https://sourceware.org/bugz ||illa/show_bug.cgi?id=31453 -- You are receiving this mail because: You are on the CC list for the bug.
[Bug gas/31115] [ARM] The minimalistic DWARF DIE for function has wrong address in Thumb mode
https://sourceware.org/bugzilla/show_bug.cgi?id=31115 Sam James changed: What|Removed |Added CC||sam at gentoo dot org -- You are receiving this mail because: You are on the CC list for the bug.
Re: integer overflow vulnerability in strings
On Tue, Mar 05, 2024 at 09:16:51PM +0200, Itay Beladev wrote: > There is an integer overflow in strings.c, which can lead to heap overflow > leading to RCE on the strings binary. This is https://sourceware.org/bugzilla/show_bug.cgi?id=30595 and https://sourceware.org/bugzilla/show_bug.cgi?id=30598 which were fixed in June 2023. $ binutils/strings -n 4294967295 /usr/bin/strings binutils/strings: minimum string length 4294967295 is too big -- Alan Modra Australia Development Lab, IBM
