LIEF Null Pointer Dereference Vulnerability in ELF Binary Parser

Vulnerability

A null pointer dereference vulnerability has been identified in the LIEF library in versions prior to 0.17.1. The issue is in the ELF Binary Parser component, in the 'Parser::parse_binary' function of 'src/ELF/Parser.tcc'. When the parser encounters a malformed ELF binary, it fails to read the GNU Hash section properly and then attempts to access an invalid pointer, which causes a segmentation fault. The vulnerability must be exploited locally, and a public exploit is available.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the application.

Reproduction

The vulnerability can be reproduced using the 'elf_reader' example included with the LIEF project. After uploading the malformed ELF file 'issue_1277.elf' to the 'oneafter/1210' repository on GitHub, the 'elf_reader' can be run with the 'repro' argument. This triggers the null pointer dereference and causes a segmentation fault. AddressSanitizer reports the error, indicating that the crash was caused by a read access to a null pointer.

Remediation

Users are advised to upgrade to LIEF version 0.17.2, which addresses this vulnerability. The updated version can be downloaded from the LIEF GitHub releases page.
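
Where untrusted ELF files must be parsed, the crash described under Impact can be kept out of the calling application by running the parser in a child process and classifying how it exits. The following is an added example, not code from the LIEF project; it assumes the 'lief' Python package is installed and that lief.parse returns None for input it rejects, and the names parse_isolated and LIEF_CHILD are introduced here.

```python
import signal
import subprocess
import sys

# Child program (assumption: the 'lief' Python package is installed).
# Exit code 0 = parsed, 2 = LIEF rejected the file (lief.parse returned None).
LIEF_CHILD = "import sys, lief; sys.exit(0 if lief.parse(sys.argv[1]) else 2)"


def parse_isolated(path, child_code=LIEF_CHILD, timeout=30):
    """Parse `path` in a separate interpreter and classify the outcome.

    Returns 'ok', 'rejected', 'crashed:<SIGNAL>', 'timeout' or 'error:<code>'.
    A segmentation fault in the parser kills only the child process.
    """
    cmd = [sys.executable, "-c", child_code, path]
    try:
        proc = subprocess.run(
            cmd,
            stdout=subprocess.DEVNULL,
            stderr=subprocess.DEVNULL,
            timeout=timeout,
        )
    except subprocess.TimeoutExpired:
        return "timeout"

    rc = proc.returncode
    if rc == 0:
        return "ok"
    if rc == 2:
        return "rejected"
    if rc < 0:
        # On POSIX a negative return code means the child died from signal -rc.
        try:
            name = signal.Signals(-rc).name
        except ValueError:
            name = str(-rc)
        return "crashed:" + name
    return "error:" + str(rc)


if __name__ == "__main__" and len(sys.argv) > 1:
    # Usage: python this_file.py <path-to-elf>
    print(parse_isolated(sys.argv[1]))
```

A 'crashed:SIGSEGV' result for a file is worth logging and quarantining the input, since it indicates the parser hit a fault such as the one described here.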

Added: Jan 10, 2026, 12:18 PM
Updated: Jan 10, 2026, 12:18 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 2.5
exploitability: 4.6
remediation: 7.7
relevance: 2.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.