CentOS 6 ELS: binutils package gradual rollout completed - TuxCare

CentOS 6 ELS: binutils package gradual rollout completed

TuxCare Team

December 6, 2021

changelog

A new updated binutils package within CentOS 6 ELS has been rolled out to 100% and is now available for download from our production repository.

CHANGELOG

binutils-2.20.51.0.2-5.48.1.el6.tuxcare.els2

  • Fix global buffer overflow (of size 1) (CVE-2017-7223)
  • Fix invalid write (of size 1) while disassembling (CVE-2017-7224)
  • Fix NULL pointer dereference and an invalid write (CVE-2017-7225)
  • Fix heap-based buffer over-read of size 4049 (CVE-2017-7226)
  • Fix heap-based buffer overflow (CVE-2017-7227)
  • Fix invalid read (of size 8) in ELF reloc section (CVE-2017-7299)
  • Fix heap-based buffer over-read (off-by-one) (CVE-2017-7300)
  • Fix off-by-one vulnerability (CVE-2017-7301)
  • Fix invalid read (of size 4) (CVE-2017-7302)
  • Fix undefined behavior issue (CVE-2017-7614)
  • Fix global buffer over-read error (CVE-2017-8393)
  • Fix invalid read of size 4 due to NULL pointer dereferencing (CVE-2017-8394)
  • Fix invalid read of size 1 during dumping of debug information (CVE-2017-8398)
  • Fix memory leak vulnerability (CVE-2017-8421)
  • Fix buffer overflow (CVE-2017-9742)
  • Fix buffer overflow (CVE-2017-9744)
  • Fix buffer overflow (CVE-2017-9747)
  • Fix buffer overflow (CVE-2017-9748)
  • Fix buffer overflow (CVE-2017-9749)
  • Fix buffer overflow (CVE-2017-9753)
  • Fix buffer overflow (CVE-2017-9754)
  • Fix use after free (CVE-2017-12448)
  • Fix out of bounds heap read (CVE-2017-12449)
  • Fix out of bounds heap read (CVE-2017-12455)
  • Fix NULL dereference (CVE-2017-12457)
  • Fix out of bounds heap read (CVE-2017-12458)
  • Fix out of bounds heap write (CVE-2017-12459)
  • Fix out of bounds heap write (CVE-2017-12450)
  • Fix out of bounds heap read (CVE-2017-12452)
  • Fix out of bounds heap read (CVE-2017-12453)
  • Fix arbitrary memory read (CVE-2017-12454)
  • Fix out of bounds heap read (CVE-2017-12456)
  • Fix integer overflow, and hang because of a time-consuming loop (CVE-2017-14333)
  • Fix out of bounds stack read (CVE-2017-12451)
  • Fix buffer overflow (CVE-2017-12799)
  • Fix NULL pointer dereference (CVE-2017-13710)
  • Fix _bfd_elf_attr_strdup heap-based buffer over-read (CVE-2017-14130)
  • Fix infinite loop (CVE-2017-14932)
  • Fix excessive memory allocation (CVE-2017-14938)
  • Fix NULL pointer dereference (CVE-2017-14940)
  • Fix parse_die heap-based buffer over-read (CVE-2017-15020)
  • Fix bfd_hash_hash NULL pointer dereference (CVE-2017-15022)
  • Fix divide-by-zero error (CVE-2017-15225)
  • Fix find_abstract_instance_name invalid memory read, segmentation fault (CVE-2017-15938)
  • Fix NULL pointer dereference (CVE-2017-15939)
  • Fix buffer overflow on fuzzed archive header (CVE-2017-15996)
  • Fix invalid memory access (CVE-2017-16826)
  • Fix slurp_symtab invalid free (CVE-2017-16827)
  • Fix integer overflow and heap-based buffer over-read (CVE-2017-16828)
  • Fix integer overflow or excessive memory allocation (CVE-2017-16831)
  • Fix bfd_getl32 heap-based buffer over-read (CVE-2017-17080)
  • Fix invalid read of size 1 (CVE-2017-8396)
  • Fix memory access violation (CVE-2017-17121)
  • Fix NULL pointer dereference (CVE-2017-17123)
  • Fix excessive memory consumption or heap-based buffer overflow (CVE-2017-17124)
  • Fix buffer over-read (CVE-2017-17125)

UPDATE COMMAND

yum update binutils*

 

Stay in the Loop

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching