GNU BinUtils
cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*
- 2.26
A denial-of-service vulnerability has been identified in Binutils version 2.26. The issue arises in the 'd_unqualified_name' function within 'cp-demangle.c', where attackers can cause a segmentation fault by using a crafted Portable Executable (PE) file. This vulnerability is triggered when 'c++filt', a demangling tool that is part of Binutils, processes the malicious PE file.
Exploitation of this vulnerability leads to a segmentation fault, causing a crash of the 'c++filt' process. This interruption can disrupt workflows or automated processes that rely on this tool.
The vulnerability can be reproduced by compiling Binutils 2.26 with Clang, using AddressSanitizer to detect memory issues. After compiling, 'c++filt' can be fed a crafted file that triggers the vulnerability, causing a segmentation fault. This process can be automated with a Docker container that has the necessary environment.
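For pipelines that depend on 'c++filt', the crash impact described above can be contained by demangling each symbol in its own process and falling back to the raw name when the tool dies. The wrapper below is an added example, not code from Binutils or from this advisory; the function names and the DEMANGLER override are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: crash-tolerant wrapper around a demangler.
# DEMANGLER is an assumed override so another command can stand in for c++filt.
DEMANGLER="${DEMANGLER:-c++filt}"

# demangle_one SYMBOL
# Prints the demangled name on success. On failure prints SYMBOL unchanged and
# returns 2 if the demangler was killed by a signal (status > 128, e.g. 139 for
# SIGSEGV) or 1 for any other non-zero exit.
demangle_one() {
    sym=$1
    rc=0
    # The "|| rc=$?" form keeps a crash from aborting callers that use set -e.
    out=$(printf '%s\n' "$sym" | "$DEMANGLER" 2>/dev/null) || rc=$?
    if [ "$rc" -gt 128 ]; then
        printf '%s\n' "$sym"
        return 2
    elif [ "$rc" -ne 0 ]; then
        printf '%s\n' "$sym"
        return 1
    fi
    printf '%s\n' "$out"
}

# demangle_stream
# Reads one symbol per line on stdin and writes one result per line on stdout.
# Crashes are reported on stderr by line number only, so untrusted input is not
# copied into logs. Returns 3 if any input crashed the demangler, else 0.
demangle_stream() {
    n=0
    crashes=0
    while IFS= read -r line; do
        n=$((n + 1))
        st=0
        demangle_one "$line" || st=$?
        if [ "$st" -eq 2 ]; then
            crashes=$((crashes + 1))
            printf 'demangler killed by signal on input line %s\n' "$n" >&2
        fi
    done
    [ "$crashes" -eq 0 ] || return 3
}
```

Spawning one process per symbol is slower than a single 'c++filt' run, but it confines a crash to the input that caused it and gives the job a status code to alert on.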