CentOS 6 ELS: binutils package gradual rollout completed - TuxCare
TuxCare Blog News

CentOS 6 ELS: binutils package gradual rollout completed

December 6, 2021

A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.

CHANGELOG

binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els2

  • Fix global buffer overflow (of size 1) (CVE-2017-7223)
  • Fix invalid write (of size 1) while disassembling (CVE-2017-7224)
  • Fix NULL pointer dereference and an invalid write (CVE-2017-7225)
  • Fix heap-based buffer over-read of size 4049 (CVE-2017-7226)
  • Fix heap-based buffer overflow (CVE-2017-7227)
  • Fix invalid read (of size 8) in ELF reloc section (CVE-2017-7299)
  • Fix heap-based buffer over-read (off-by-one) (CVE-2017-7300)
  • Fix off-by-one vulnerability (CVE-2017-7301)
  • Fix invalid read (of size 4) (CVE-2017-7302)
  • Fix undefined behavior issue (CVE-2017-7614)
  • Fix global buffer over-read error (CVE-2017-8393)
  • Fix invalid read of size 4 due to NULL pointer dereferencing (CVE-2017-8394)
  • Fix invalid read of size 1 during dumping of debug information (CVE-2017-8398)
  • Fix memory leak vulnerability (CVE-2017-8421)
  • Fix buffer overflow (CVE-2017-9742)
  • Fix buffer overflow (CVE-2017-9744)
  • Fix buffer overflow (CVE-2017-9747)
  • Fix buffer overflow (CVE-2017-9748)
  • Fix buffer overflow (CVE-2017-9749)
  • Fix buffer overflow (CVE-2017-9753)
  • Fix buffer overflow (CVE-2017-9754)
  • Fix use after free (CVE-2017-12448)
  • Fix out of bounds heap read (CVE-2017-12449)
  • Fix out of bounds heap read (CVE-2017-12455)
  • Fix NULL dereference (CVE-2017-12457)
  • Fix out of bounds heap read (CVE-2017-12458)
  • Fix out of bounds heap write (CVE-2017-12459)
  • Fix out of bounds heap write (CVE-2017-12450)
  • Fix out of bounds heap read (CVE-2017-12452)
  • Fix out of bounds heap read (CVE-2017-12453)
  • Fix arbitrary memory read (CVE-2017-12454)
  • Fix out of bounds heap read (CVE-2017-12456)
  • Fix integer overflow, and hang because of a time-consuming loop (CVE-2017-14333)
  • Fix out of bounds stack read (CVE-2017-12451)
  • Fix buffer overflow (CVE-2017-12799)
  • Fix NULL pointer dereference (CVE-2017-13710)
  • Fix _bfd_elf_attr_strdup heap-based buffer over-read (CVE-2017-14130)
  • Fix infinite loop (CVE-2017-14932)
  • Fix excessive memory allocation (CVE-2017-14938)
  • Fix NULL pointer dereference (CVE-2017-14940)
  • Fix parse_die heap-based buffer over-read (CVE-2017-15020)
  • Fix bfd_hash_hash NULL pointer dereference (CVE-2017-15022)
  • Fix divide-by-zero error (CVE-2017-15225)
  • Fix find_abstract_instance_name invalid memory read, segmentation fault (CVE-2017-15938)
  • Fix NULL pointer dereference (CVE-2017-15939)
  • Fix buffer overflow on fuzzed archive header (CVE-2017-15996)
  • Fix invalid memory access (CVE-2017-16826)
  • Fix slurp_symtab invalid free (CVE-2017-16827)
  • Fix integer overflow and heap-based buffer over-read (CVE-2017-16828)
  • Fix integer overflow or excessive memory allocation (CVE-2017-16831)
  • Fix bfd_getl32 heap-based buffer over-read (CVE-2017-17080)
  • Fix invalid read of size 1 (CVE-2017-8396)
  • Fix memory access violation (CVE-2017-17121)
  • Fix NULL pointer dereference (CVE-2017-17123)
  • Fix excessive memory consumption or heap-based buffer overflow (CVE-2017-17124)
  • Fix buffer over-read (CVE-2017-17125)

UPDATE COMMAND

yum update binutils*

 

TuxCare can help you reduce your risk window to data exfiltration and other cyber security threats.

TALK TO A CYBERSECURITY EXPERT

Expert knowledge of Linux security tips,
live patching education, and Cybersecurity news.

Stay updated with the latest news and announcements from TuxCare.com

Related Articles

The Bugs Behind the Vulnerabilities...

We continue to look at the code issues that cause...

November 14, 2022

Cybersecurity insurance and fine print:...

Catastrophic risks such as natural disasters and indeed cyberattacks require...

June 29, 2022

IT Automation With Live...

In a symphony orchestra, instruments harmonize to create one pleasing...

June 20, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

June 16, 2022

KernelCare agent update – version...

We are pleased to announce that a new updated KernelCare agent...

June 2, 2022

KernelCare ePortal updated – version...

We are pleased to announce that a new updated ePortal version...

May 26, 2022

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching