GNU Binutils Out-of-Bounds Read Vulnerability in Version 2.45

Vulnerability

An out-of-bounds read vulnerability has been identified in GNU Binutils version 2.45. The issue is in the 'vfinfo' function in 'ldmisc.c'. It can be exploited locally: reading memory addresses outside the intended buffer leads to a segmentation fault, as demonstrated by a public proof-of-concept exploit.

Impact

Exploitation of this vulnerability causes a segmentation fault, terminating the process and potentially disrupting any ongoing tasks or operations.

Reproduction

The vulnerability can be reproduced by compiling GNU Binutils 2.45 with Clang 12.0.0 and AddressSanitizer enabled to detect memory errors. After compiling, the 'ld' linker is run with the '--version-exports-section' option and a specially crafted input that triggers the out-of-bounds read. AddressSanitizer then reports the memory access violation: a segmentation fault caused by reading an invalid memory address.
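When checking a build before and after patching, it helps to confirm that an AddressSanitizer report is this crash and not an unrelated one. The following is an added example, not code from this page or from the Binutils project: it parses a report and checks for a SEGV with 'vfinfo' in 'ldmisc.c' among the top frames. The sample reports are constructed, and the helper names and the frame depth of 3 are assumptions.

```python
import posixpath
import re

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
FRAME = re.compile(r"^[ \t]*#(\d+)\s+0x[0-9a-fA-F]+\s+in\s+(\S+)\s+(\S+)", re.MULTILINE)

# Constructed sample reports: PIDs, addresses, paths and line numbers are made up.
SAMPLE_MATCH = """\
==4242==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000041 (pc 0x000000501234 bp 0x7ffc00000010 sp 0x7ffc00000000 T0)
==4242==The signal is caused by a READ memory access.
    #0 0x501234 in vfinfo /build/binutils-2.45/ld/ldmisc.c:100:5
    #1 0x502345 in main /build/binutils-2.45/ld/ldmain.c:200:3
SUMMARY: AddressSanitizer: SEGV /build/binutils-2.45/ld/ldmisc.c:100:5 in vfinfo
"""
SAMPLE_OTHER = """\
==4243==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000011 at pc 0x000000503456 bp 0x7ffc00000010 sp 0x7ffc00000008
    #0 0x503456 in example_fn /build/example/other.c:10:3
"""


def parse_asan(report):
    """Extract the error kind, access type and (index, function, source file) frames."""
    kind = HEADER.search(report)
    access = ACCESS.search(report)
    frames = []
    for m in FRAME.finditer(report):
        # Location is "path:line:col" when symbolized, "(module+0xoff)" otherwise.
        path = m.group(3).split(":")[0]
        frames.append((int(m.group(1)), m.group(2), posixpath.basename(path)))
    return {
        "kind": kind.group(1) if kind else None,
        "access": access.group(1) if access else None,  # line may be absent
        "frames": frames,
    }


def matches_advisory(report, depth=3):
    """True if the report is a SEGV (not a write) with vfinfo/ldmisc.c in the top frames."""
    info = parse_asan(report)
    if info["kind"] != "SEGV" or info["access"] == "WRITE":
        return False
    return any(fn == "vfinfo" and src == "ldmisc.c"
               for idx, fn, src in info["frames"] if idx < depth)


if __name__ == "__main__":
    for name, text in (("match", SAMPLE_MATCH), ("other", SAMPLE_OTHER)):
        print(name, matches_advisory(text))
```

Run it on the report captured from the unpatched build, then repeat the same 'ld' invocation on the patched build and confirm no matching report is produced.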

Remediation

Users are advised to update to the patched version of GNU Binutils. The patch is available as attachment 16357 on the Sourceware Bugzilla page for this vulnerability.

Added: Oct 16, 2025, 4:26 PM
Updated: Oct 16, 2025, 4:26 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 2.5
exploitability: 4.6
remediation: 7.7
relevance: 0.8
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.