{"id":"USN-2496-1","summary":"binutils vulnerabilities","details":"Michal Zalewski discovered that the setup_group function in libbfd in\nGNU binutils did not properly check group headers in ELF files. An\nattacker could use this to craft input that could cause a denial\nof service (application crash) or possibly execute arbitrary code.\n(CVE-2014-8485)\n\nHanno Böck discovered that the _bfd_XXi_swap_aouthdr_in function\nin libbfd in GNU binutils allowed out-of-bounds writes. An\nattacker could use this to craft input that could cause a denial\nof service (application crash) or possibly execute arbitrary code.\n(CVE-2014-8501)\n\nHanno Böck discovered a heap-based buffer overflow in the\npe_print_edata function in libbfd in GNU binutils. An attacker\ncould use this to craft input that could cause a denial of service\n(application crash) or possibly execute arbitrary code. (CVE-2014-8502)\n\nAlexander Cherepanov discovered multiple directory traversal\nvulnerabilities in GNU binutils. An attacker could use this to craft\ninput that could delete arbitrary files. (CVE-2014-8737)\n\nAlexander Cherepanov discovered the _bfd_slurp_extended_name_table\nfunction in libbfd in GNU binutils allowed invalid writes when handling\nextended name tables in an archive. An attacker could use this to\ncraft input that could cause a denial of service (application crash)\nor possibly execute arbitrary code. (CVE-2014-8738)\n\nHanno Böck discovered a stack-based buffer overflow in the ihex_scan\nfunction in libbfd in GNU binutils. An attacker could use this\nto craft input that could cause a denial of service (application\ncrash). (CVE-2014-8503)\n\nMichal Zalewski discovered a stack-based buffer overflow in the\nsrec_scan function in libbfd in GNU binutils. An attacker could\nuse this to to craft input that could cause a denial of service\n(application crash); the GNU C library's Fortify Source printf\nprotection should prevent the possibility of executing arbitrary code.\n(CVE-2014-8504)\n\nMichal Zalewski discovered that the srec_scan function in libbfd\nin GNU binutils allowed out-of-bounds reads. An attacker could\nuse this to craft input to cause a denial of service. This issue\nonly affected Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04\nLTS. (CVE-2014-8484)\n\nSang Kil Cha discovered multiple integer overflows in the\n_objalloc_alloc function and objalloc_alloc macro in binutils. This\ncould allow an attacker to cause a denial of service (application\ncrash). This issue only affected Ubuntu 12.04 LTS and Ubuntu 10.04 LTS.\n(CVE-2012-3509)\n\nAlexander Cherepanov and Hanno Böck discovered multiple additional\nout-of-bounds reads and writes in GNU binutils. An attacker could use\nthese to craft input that could cause a denial of service (application\ncrash) or possibly execute arbitrary code. A few of these issues may\nbe limited in exposure to a denial of service (application abort)\nby the GNU C library's Fortify Source printf protection.\n\nThe strings(1) utility in GNU binutils used libbfd by default when\nexamining executable object files; unfortunately, libbfd was not\noriginally developed with the expectation of hostile input. As\na defensive measure, the behavior of strings has been changed to\ndefault to 'strings --all' behavior, which does not use libbfd; use\nthe new argument to strings, '--data', to recreate the old behavior.\n","modified":"2026-02-10T04:40:52Z","published":"2015-02-09T21:39:27Z","related":["UBUNTU-CVE-2014-8484","UBUNTU-CVE-2014-8485","UBUNTU-CVE-2014-8501","UBUNTU-CVE-2014-8502","UBUNTU-CVE-2014-8503","UBUNTU-CVE-2014-8504","UBUNTU-CVE-2014-8737","UBUNTU-CVE-2014-8738"],"upstream":["CVE-2012-3509","CVE-2014-8484","CVE-2014-8485","CVE-2014-8501","CVE-2014-8502","CVE-2014-8503","CVE-2014-8504","CVE-2014-8737","CVE-2014-8738","UBUNTU-CVE-2012-3509","UBUNTU-CVE-2014-8484","UBUNTU-CVE-2014-8485","UBUNTU-CVE-2014-8501","UBUNTU-CVE-2014-8502","UBUNTU-CVE-2014-8503","UBUNTU-CVE-2014-8504","UBUNTU-CVE-2014-8737","UBUNTU-CVE-2014-8738"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-2496-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2012-3509"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8484"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8485"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8501"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8502"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8503"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8504"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8737"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-8738"}],"affected":[{"package":{"name":"binutils","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/binutils@2.24-5ubuntu3.1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.24-5ubuntu3.1"}]}],"versions":["2.23.52.20130913-0ubuntu1","2.23.90.20131017-1ubuntu1","2.23.90.20131116-1ubuntu1","2.23.91.20131123-1ubuntu1","2.24-1ubuntu1","2.24-1ubuntu2","2.24-2ubuntu1","2.24-2ubuntu2","2.24-2ubuntu3","2.24-4ubuntu1","2.24-5ubuntu1","2.24-5ubuntu2","2.24-5ubuntu3"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_version":"2.24-5ubuntu3.1","binary_name":"binutils"},{"binary_version":"2.24-5ubuntu3.1","binary_name":"binutils-dev"},{"binary_version":"2.24-5ubuntu3.1","binary_name":"binutils-multiarch"},{"binary_version":"2.24-5ubuntu3.1","binary_name":"binutils-multiarch-dev"},{"binary_version":"2.24-5ubuntu3.1","binary_name":"binutils-source"},{"binary_version":"2.24-5ubuntu3.1","binary_name":"binutils-static"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-2496-1.json","cves_map":{"cves":[{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8484"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8485"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8501"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8502"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8503"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8504"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8737"},{"severity":[{"score":"medium","type":"Ubuntu"}],"id":"CVE-2014-8738"}],"ecosystem":"Ubuntu:14.04:LTS"}}}],"schema_version":"1.7.3"}